# -*- text -*-
##
## Logging required for SA eduroam, per eduroam National Policy for South Africa 20121212ter C.1. & C.2.
## https://eduroam.ac.za/policy/
## https://eduroam.ac.za/static/eduroamNationalPolicyforSouthAfrica-20121212ter.pdf
##

# Format a date with ISO8601 in UTC (requires rlm_date, only in newer versions)
date iso8601 {
	format = "%Y-%m-%dT%H:%M:%SZ"
	utc = yes
}

linelog log_eduroam_idp {
	#  If the filename is "syslog", then the log messages will
	#  go to syslog.
	filename = ${logdir}/eduroam-idp.log
	#filename = syslog
	#syslog_facility = local1
	#syslog_severity = info
	format = ""
	reference = "idp.%{%{reply:Packet-Type}:-format}"
	idp {
		Access-Accept = "action=IdP-Accept, Event-Timestamp=%{%{iso8601:&control:Tmp-Integer-1}:-%S}, outer.User-Name=%{outer.request:User-Name}, User-Name=%{User-Name}, Calling-Station-Id=%{Calling-Station-Id}, Chargeable-User-Identity=%{string:reply:Chargeable-User-Identity}, Eduroam-SP-Country=%{outer.request:Eduroam-SP-Country}, Operator-Name=%{outer.request:Operator-Name}, Called-Station-Id=%{outer.request:Called-Station-Id}, Called-Station-SSID=%{outer.request:Called-Station-SSID}"
		Access-Reject = "action=IdP-Reject, Event-Timestamp=%{%{iso8601:&control:Tmp-Integer-1}:-%S}, outer.User-Name=%{outer.request:User-Name}, User-Name=%{User-Name}, Calling-Station-Id=%{Calling-Station-Id}, Chargeable-User-Identity=%{string:reply:Chargeable-User-Identity}, Eduroam-SP-Country=%{outer.request:Eduroam-SP-Country}, Operator-Name=%{outer.request:Operator-Name}, Called-Station-Id=%{outer.request:Called-Station-Id}, Called-Station-SSID=%{outer.request:Called-Station-SSID}"
	}
}

linelog log_eduroam_sp {
	#  If the filename is "syslog", then the log messages will
	#  go to syslog.
	filename = ${logdir}/eduroam-sp.log
	#filename = syslog
	#syslog_facility = local1
	#syslog_severity = info
	format = ""
	reference = "sp.%{%{proxy-reply:Packet-Type}:-format}"
	sp {
		Access-Accept = "action=SP-Accept, Event-Timestamp=%{%{iso8601:&control:Tmp-Integer-1}:-%S}, outer.User-Name %{User-Name}, Calling-Station-Id=%{Calling-Station-Id}, Chargeable-User-Identity=%{string:proxy-reply:Chargeable-User-Identity}, NAS-IP-Address=%{%{NAS-IP-Address}:-%{NAS-IPv6-Address}}, Called-Station-Id=%{Called-Station-Id}, Called-Station-SSID=%{Called-Station-SSID}"
		Access-Reject = "action=SP-Reject, Event-Timestamp=%{%{iso8601:&control:Tmp-Integer-1}:-%S}, outer.User-Name %{User-Name}, Calling-Station-Id=%{Calling-Station-Id}, Chargeable-User-Identity=%{string:proxy-reply:Chargeable-User-Identity}, NAS-IP-Address=%{%{NAS-IP-Address}:-%{NAS-IPv6-Address}}, Called-Station-Id=%{Called-Station-Id}, Called-Station-SSID=%{Called-Station-SSID}"
	}
}
