/
Radius

Radius

Owned by Eran
Mar 09, 2025
2 min read

Background

The Radius logs analysis system automatically Collects, Reads, Parses, Analyzes, and Reports all machine-generated log data related to Radius authentication and authorization processes. It provides a comprehensive set of graphs and reports to analyze machine-generated data. Use a predefined set of dashboards and widgets to visualize and address authentication and authorization activities, helping measure, troubleshoot, and optimize system integrity, stability, and quality with various visualization and investigation dashboards.

Radius logtypes requirements

For the three Radius logs, the following log types must be applied:

  • AuthNOptCh - Must be configured to have AuthNOptCh as a log type.

  • AuthZAdminCh - Must be configured to have AuthZAdminCh as a log type.

  • AuthZOptCh - Must be configured to have AuthZOptCh as a log type.

By ensuring that the correct log types are applied to each log, the Radius logs analysis system will efficiently process and analyze log data, helping users gain insights into their system's authentication and authorization processes.

Once the required information is set, on each log click next and edit the log pattern, this step is crucial to the accuracy and deployment of the Radius App. Use the following patterns for each of the logs:

  1. AuthNOptCh log:
    {priority:Type,ftype=type,Error;Warning;Information;Success;Audit Failure;Audit Success}*;*{timestamp:Date,MM/dd/yyyy HH:mm:ss}*;*{text:Source,ftype=source}*;*{text:Category,ftype=category}*;*{number:Event,ftype=event}*;*{text:User Type,ftype=usertype}*;*{text:Computer,ftype=computer}*;*{regexp:CID,refName=Description,CID:\s([^\s]+).}{regexp:User,ftype=accoutname;refName=Description,(for user |for User )[XPLG_PARAM([^\s]+)].}{regexp:Session,refName=Description,session (\S+)}{string:Description,ftype=description}

  2. AuthZAdminCh log:
    {priority:Type,ftype=type,Error;Warning;Information;Success;Audit Failure;Audit Success}*;*{timestamp:Date,MM/dd/yyyy HH:mm:ss}*;*{text:Source,ftype=source}*;*{text:Category,ftype=category}*;*{number:Event,ftype=event}*;*{text:User Type,ftype=usertype}*;*{text:Computer,ftype=computer}*;*{regexp:CID,refName=Description,CID:\s([^\s]+).}{regexp:User,ftype=accoutname;refName=Description,(for user |for User )[XPLG_PARAM([^\s]+)].}{regexp:Session,refName=Description,session (\S+)}{string:Description,ftype=description}

  3. AuthZOptCh log:
    {priority:Type,ftype=type,Error;Warning;Information;Success;Audit Failure;Audit Success}*;*{timestamp:Date,MM/dd/yyyy HH:mm:ss}*;*{text:Source,ftype=source}*;*{text:Category,ftype=category}*;*{number:Event,ftype=event}*;*{text:User Type,ftype=usertype}*;*{text:Computer,ftype=computer}*;*{regexp:CID,refName=Description,CID:\s([^\s]+).}{regexp:User,ftype=accoutname;refName=Description,(for user |for User )[XPLG_PARAM([^\s]+)].}{regexp:Session,refName=Description,session (\S+)}{string:Description,ftype=description}