[asterisk-dev] Non-universalized log messages render security tools useless in Asterisk SVN-branch-1.8-r354348 or maybe other versions as well !!!
Bruce B
bruceb444 at gmail.com
Mon Feb 13 08:49:34 CST 2012
>
> I also checked res_security_log and the module is loaded but it doesn't
> add ANY whatsoever logs in Asterisk 1.8. Is that an incomplete module?
>
>
> Like Paul stated, support for logging security events in chan_sip was
> added in Asterisk 10. In Asterisk 1.8, I think only AMI security events
> are logged. Also, make sure that you enable it in logger.conf. The
> security events will be contained in a separate log file.
>
>
Thanks Michael. For the sake of testing I installed Asterisk 10.1.2 and I
have res_security_log.so loaded and I have this line in logger.conf as per
directions:
security => security
However, there are NO LOGS generated in this file. The best I can see from
Asterisk is this:
*[Feb 13 09:46:21] NOTICE[14762]: chan_sip.c:22906 handle_request_invite:
Sending fake auth rejection for device "Anonymous"
<sip:Anonymous at anonymous.invalid>;tag=as55ac8bb5*
To conclude, res_security_log does NOT log anything so far. CDRs do not
include the source IP address and Asterisk doesn't mention the source IP no
where in Asterisk 1.8 or 10.x. Am I missing something? Have you tested this
yourself?
Regards,
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-dev/attachments/20120213/968e451a/attachment-0001.htm>
More information about the asterisk-dev
mailing list