Hi, let say i have 2 log files(they are below) dhcp and radius. What i need is to put the information to a file just from good connections ( Auth: Login OK ) others just ignore. And the information should look like: time, login name, mac, ip, server. But the trouble is that from radius log i get different looking macs like 001cbf9bb638, 00-1c-bf-9b-b6-38 but in dhcp it always looks like this 00:48:54:52:3b:bb. The main question would be how can i now if it is a mac adress(what command sould help) and how can i convert to dhcp stile (00:48:54:52:3b:bb like this). Thanks being pacient reading this
RADIUS
Thu Dec 4 07:24:54 2008 : Auth: Login OK: [kava4186] (from client LINKSYS3 port 0 via TLS tunnel)
Thu Dec 4 07:24:54 2008 : Auth: Login OK: [kava4186] (from client LINKSYS3 port 21 cli 001cbf9bb638)
Thu Dec 4 07:50:52 2008 : Auth: Login OK: [limo5625] (from client LINKSYS3 port 0 via TLS tunnel)
Thu Dec 4 07:50:52 2008 : Auth: Login OK: [limo5625] (from client LINKSYS3 port 12 cli 0013e80a5b5d)
Thu Dec 4 08:00:14 2008 : Auth: Login OK: [boda7805] (from client LINKSYS3 port 0 via TLS tunnel)
Thu Dec 4 08:00:14 2008 : Auth: Login OK: [boda7805] (from client LINKSYS3 port 33 cli 0015afecda17)
Thu Dec 4 08:00:50 2008 : Error: rlm_eap: UserIdentity Unknown
Thu Dec 4 08:00:50 2008 : Error: rlm_eap: Identity Unknown, authentication failed
Thu Dec 4 08:00:50 2008 : Auth: Login incorrect: [<no User-Name attribute>] (from client WILI-08 port 8 cli 00-17-31-AA-2D-77)
Thu Dec 4 08:00:52 2008 : Error: rlm_eap: UserIdentity Unknown
Thu Dec 4 08:00:52 2008 : Error: rlm_eap: Identity Unknown, authentication failed
Thu Dec 4 08:00:52 2008 : Auth: Login incorrect: [<no User-Name attribute>] (from client WILI-08 port 8 cli 00-17-31-AA-2D-77)
Thu Dec 4 08:03:06 2008 : Auth: Login incorrect (rlm_ldap: User not found): [ADMIN\\Adminas] (from client WILI-08 port 0 via TLS tunnel)
Thu Dec 4 08:03:06 2008 : Auth: Login incorrect: [ADMIN\\Adminas] (from client WILI-08 port 8 cli 00-17-31-AA-2D-77)
Thu Dec 4 08:03:08 2008 : Error: rlm_eap: No EAP session matching the State variable.
Thu Dec 4 08:03:08 2008 : Error: rlm_eap: Either EAP-request timed out OR EAP-response to an unknown EAP-request
Thu Dec 4 08:03:08 2008 : Auth: Login incorrect: [ADMIN\\Adminas] (from client WILI-08 port 8 cli 00-17-31-AA-2D-77)
Thu Dec 4 08:03:10 2008 : Auth: Login incorrect (rlm_ldap: User not found): [ADMIN\\Adminas] (from client WILI-08 port 0 via TLS tunnel)
Thu Dec 4 08:03:10 2008 : Auth: Login incorrect: [ADMIN\\Adminas] (from client WILI-08 port 8 cli 00-17-31-AA-2D-77)
Thu Dec 4 08:03:13 2008 : Auth: Login incorrect (rlm_ldap: User not found): [ADMIN\\Adminas] (from client WILI-08 port 0 via TLS tunnel)
Thu Dec 4 08:03:13 2008 : Auth: Login incorrect: [ADMIN\\Adminas] (from client WILI-08 port 8 cli 00-17-31-AA-2D-77)
Thu Dec 4 08:03:15 2008 : Error: rlm_eap: No EAP session matching the State variable.
Thu Dec 4 08:03:15 2008 : Error: rlm_eap: Either EAP-request timed out OR EAP-response to an unknown EAP-request
Thu Dec 4 08:03:15 2008 : Auth: Login incorrect: [ADMIN\\Adminas] (from client WILI-08 port 8 cli 00-17-31-AA-2D-77)
Thu Dec 4 08:03:48 2008 : Auth: Login incorrect (rlm_ldap: User not found): [ADMIN\\Adminas] (from client WILI-08 port 0 via TLS tunnel)
Thu Dec 4 08:04:01 2008 : Auth: Login OK: [JOMO6060] (from client WILI-08 port 0 via TLS tunnel)
Thu Dec 4 08:04:01 2008 : Auth: Login OK: [JOMO6060] (from client WILI-08 port 8 cli 00-17-31-AA-2D-77)
Dhcp
Dec 4 07:24:54 sunfire1 dhcpd: DHCPREQUEST for 192.168.1.100 from 00:1c:bf:9b:b6:38 via em3: wrong network.
Dec 4 07:24:54 sunfire1 dhcpd: DHCPNAK on 192.168.1.100 to 00:1c:bf:9b:b6:38 via em3
Dec 4 07:24:55 sunfire1 dhcpd: DHCPREQUEST for 192.168.4.5 from 00:06:4f:02:00:52 via em2
Dec 4 07:24:55 sunfire1 dhcpd: DHCPACK on 192.168.4.5 to 00:06:4f:02:00:52 via em2
Dec 4 07:24:56 sunfire1 dhcpd: DHCPDISCOVER from 00:1c:bf:9b:b6:38 via em3
Dec 4 07:24:57 sunfire1 dhcpd: DHCPOFFER on 10.2.247.225 to 00:1c:bf:9b:b6:38 (karolis) via em3
Dec 4 07:24:57 sunfire1 dhcpd: DHCPREQUEST for 10.2.247.225 (10.255.255.1) from 00:1c:bf:9b:b6:38 (karolis) via em3
Dec 4 07:24:57 sunfire1 dhcpd: DHCPACK on 10.2.247.225 to 00:1c:bf:9b:b6:38 (karolis) via em3
Dec 4 07:25:00 sunfire1 dhcpd: DHCPREQUEST for 192.168.3.4 from 00:30:4f:06:66:a3 via em2
Dec 4 07:25:00 sunfire1 dhcpd: DHCPACK on 192.168.3.4 to 00:30:4f:06:66:a3 via em2
Dec 4 07:25:01 sunfire1 dhcpd: uid lease 192.168.46.131 for client 00:1f:29:2c:49:96 is duplicate on itc
Dec 4 07:25:01 sunfire1 dhcpd: DHCPREQUEST for 192.168.45.129 from 00:1f:29:2c:49:96 via em2
Dec 4 07:25:01 sunfire1 dhcpd: DHCPACK on 192.168.45.129 to 00:1f:29:2c:49:96 via em2
Dec 4 07:25:07 sunfire1 dhcpd: DHCPREQUEST for 192.168.42.7 from 00:11:09:13:a0:0b via em2
Dec 4 07:25:07 sunfire1 dhcpd: DHCPACK on 192.168.42.7 to 00:11:09:13:a0:0b via em2
Dec 4 07:25:10 sunfire1 dhcpd: DHCPINFORM from 10.2.247.225 via em3
Dec 4 07:25:10 sunfire1 dhcpd: DHCPACK to 10.2.247.225 (00:1c:bf:9b:b6:38) via em3
Dec 4 07:25:16 sunfire1 dhcpd: DHCPREQUEST for 192.168.44.33 from 00:14:4f:26:d9:66 via em2
Dec 4 07:25:16 sunfire1 dhcpd: DHCPACK on 192.168.44.33 to 00:14:4f:26:d9:66 via em2
Dec 4 07:25:22 sunfire1 dhcpd: DHCPINFORM from 192.168.5.6 via em2
Dec 4 07:25:22 sunfire1 dhcpd: DHCPACK to 192.168.5.6 (00:06:4f:02:00:51) via em2
Dec 4 07:25:25 sunfire1 dhcpd: DHCPINFORM from 192.168.5.6 via em2
Dec 4 07:25:25 sunfire1 dhcpd: DHCPACK to 192.168.5.6 (00:06:4f:02:00:51) via em2
Dec 4 07:25:26 sunfire1 dhcpd: DHCPREQUEST for 193.219.42.107 from 00:40:f4:bd:5e:d6 (ragaisiopc) via em0
Dec 4 07:25:26 sunfire1 dhcpd: DHCPACK on 193.219.42.107 to 00:40:f4:bd:5e:d6 (ragaisiopc) via em0
Dec 4 07:25:27 sunfire1 dhcpd: DHCPREQUEST for 192.168.7.3 from 00:06:4f:02:00:59 via em2
Dec 4 07:25:27 sunfire1 dhcpd: DHCPACK on 192.168.7.3 to 00:06:4f:02:00:59 via em2
Dec 4 07:25:43 sunfire1 dhcpd: DHCPREQUEST for 192.168.44.25 from 00:14:4f:1f:b7:21 via em2
Dec 4 07:25:43 sunfire1 dhcpd: DHCPACK on 192.168.44.25 to 00:14:4f:1f:b7:21 via em2
Dec 4 07:25:44 sunfire1 dhcpd: DHCPREQUEST for 172.16.42.11 from 00:01:e6:ad:9d:71 via em0
Dec 4 07:25:44 sunfire1 dhcpd: DHCPACK on 172.16.42.11 to 00:01:e6:ad:9d:71 via em0
Dec 4 07:25:47 sunfire1 dhcpd: DHCPREQUEST for 192.168.5.7 from 00:06:4f:02:54:b1 via em2
Dec 4 07:25:47 sunfire1 dhcpd: DHCPACK on 192.168.5.7 to 00:06:4f:02:54:b1 via em2
Dec 4 07:25:49 sunfire1 dhcpd: DHCPREQUEST for 192.168.9.1 from 00:50:22:82:63:77 via em2
Dec 4 07:25:49 sunfire1 dhcpd: DHCPACK on 192.168.9.1 to 00:50:22:82:63:77 via em2
Dec 4 07:25:55 sunfire1 dhcpd: DHCPREQUEST for 10.2.254.211 from 00:06:4f:03:63:09 (hr) via em3
Dec 4 07:25:55 sunfire1 dhcpd: DHCPACK on 10.2.254.211 to 00:06:4f:03:63:09 (hr) via em3
Dec 4 07:26:05 sunfire1 dhcpd: DHCPREQUEST for 193.219.42.92 from 00:50:22:8d:9c:5b (biblio-stud) via em0
Dec 4 07:26:05 sunfire1 dhcpd: DHCPACK on 193.219.42.92 to 00:50:22:8d:9c:5b (biblio-stud) via em0
Dec 4 07:26:12 sunfire1 dhcpd: DHCPREQUEST for 192.168.45.111 from 00:1a:a0:60:31:2c via em2
Dec 4 07:26:12 sunfire1 dhcpd: DHCPACK on 192.168.45.111 to 00:1a:a0:60:31:2c via em2