Advertisement
poodad

Parse NPS logs

May 29th, 2024
1,038
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Perl 3.87 KB | None | 0 0
  1. use strict;
  2.  
  3. my @files = sort glob("//$ARGV[0]/c\$/windows/system32/logfiles/in*.log");
  4.  
  5. my $file = pop @files;
  6.  
  7. print STDERR "Using file $file\n";
  8.  
  9. open FILE, "$file" or die "$file: $!\n";
  10.  
  11. seek FILE, -2000000, 2;                     # seek to the a bit before the end
  12. <FILE>;                                     # read the partial line
  13.  
  14. print "<table border=1>\n";
  15. print "<TH>ComputerName<TH>ServiceName<TH>Record-Date<TH>Record-Time<TH>Packet-Type";
  16. print "<TH>User-Name";
  17. print "<th>Fully-Qualified-User-Name";
  18. print "<TH>Called-Station-ID<TH>Calling-Station-ID";
  19. print "<TH>Callback-Number<TH>Framed-IP-Address<TH>NAS-Identifier<TH>NAS-IP-Address<TH>NAS-Port";
  20. print "<TH>Client-Vendor<TH>Client-IP-Address<TH>Client-Friendly-Name<TH>Event-Timestamp";
  21. print "<TH>Port-Limit<TH>NAS-Port-Type<TH>Connect-Info<TH>Framed-Protocol<TH>Service-Type";
  22. print "<TH>Authentication-Type<TH>NP-Policy-Name<TH>Reason-Code<TH>Class<TH>Session-Timeout";
  23. print "<TH>Idle-Timeout<TH>Termination-Action<TH>EAP-Friendly-Name<TH>Acct-Status-Type";
  24. print "<TH>Acct-Delay-Time<TH>Acct-Input-Octets<TH>Acct-Output-Octets<TH>Acct-Session-Id";
  25. print "<TH>Acct-Authentic<TH>Acct-Session-Time<TH>Acct-Input-Packets<TH>Acct-Output-Packets";
  26. print "<TH>Acct-Terminate-Cause<TH>Acct-Multi-Ssn-ID<TH>Acct-Link-Count<TH>Acct-Interim-Interval";
  27. print "<TH>Tunnel-Type<TH>Tunnel-Medium-Type<TH>Tunnel-Client-Endpt<TH>Tunnel-Server-Endpt";
  28. print "<TH>Acct-Tunnel-Connection<TH>Tunnel-Pvt-Group-ID<TH>Tunnel-Assignment-ID";
  29. print "<TH>Tunnel-Preference<TH>MS-Acct-Auth-Type<TH>MS-Acct-EAP-Type<TH>MS-RAS-Version";
  30. print "<TH>MS-RAS-Vendor<TH>MS-CHAP-Error<TH>MS-CHAP-Domain<TH>MS-MPPE-Encryption-Types";
  31. print "<TH>MS-MPPE-Encryption-Policy";
  32.  
  33.  
  34. while(<FILE>) {
  35.  
  36.     chomp;
  37.    
  38.    
  39.     my @tmp = split /,/;
  40.     $tmp[4] = Fix4($tmp[4]);
  41.     $tmp[23] = Fix23($tmp[23]);
  42.     $tmp[25] = Fix25($tmp[25]);
  43.  
  44.     print "<tr>";
  45.     foreach my $f (@tmp) {
  46.         $f = "&nbsp;" unless $f;
  47.         print "<td>$f";
  48.     }
  49.     print "\n";
  50. }
  51.  
  52. close FILE;
  53.  
  54.  
  55. exit 0;
  56.  
  57. sub Fix4 {
  58.     my $t = shift;
  59.  
  60.     return "1 Accept-Request" if $t == 1;
  61.     return "2 Access-Accept" if $t == 2;
  62.     return "3 Access-Reject" if $t == 3;
  63.     return "4 Accounting-Request" if $t == 4;
  64.     return $t;
  65. }
  66.  
  67.  
  68. sub Fix23 {
  69.     my $t = shift;
  70.  
  71.     return "1 PAP" if $t == 1;
  72.     return "2 CHAP" if $t == 2;
  73.     return "3 MS-CHAP" if $t == 3;
  74.     return "4 MS-CHAP v2" if $t == 4;
  75.     return "5 EAP" if $t == 5;
  76.     return "7 None" if $t == 7;
  77.     return "8 Custom" if $t == 8;
  78.     return $t;
  79. }
  80.  
  81. sub Fix25 {
  82.  
  83.     my $t = shift;
  84.     return "IAS_SUCCESS " if $t == 0;
  85.     return "IAS_INTERNAL_ERROR " if $t == 1;
  86.     return "IAS_ACCESS_DENIED " if $t == 2;
  87.     return "IAS_MALFORMED_REQUEST " if $t == 3;
  88.     return "IAS_GLOBAL_CATALOG_UNAVAILABLE " if $t == 4;
  89.     return "IAS_DOMAIN_UNAVAILABLE " if $t == 5;
  90.     return "IAS_SERVER_UNAVAILABLE " if $t == 6;
  91.     return "IAS_NO_SUCH_DOMAIN " if $t == 7;
  92.     return "IAS_NO_SUCH_USER " if $t == 8;
  93.     return "IAS_AUTH_FAILURE " if $t == 16;
  94.     return "IAS_CHANGE_PASSWORD_FAILURE " if $t == 17;
  95.     return "IAS_UNSUPPORTED_AUTH_TYPE " if $t == 18;
  96.     return "IAS_LOCAL_USERS_ONLY " if $t == 32;
  97.     return "IAS_PASSWORD_MUST_CHANGE " if $t == 33;
  98.     return "IAS_ACCOUNT_DISABLED " if $t == 34;
  99.     return "IAS_ACCOUNT_EXPIRED " if $t == 35;
  100.     return "IAS_ACCOUNT_LOCKED_OUT " if $t == 36;
  101.     return "IAS_INVALID_LOGON_HOURS " if $t == 37;
  102.     return "IAS_ACCOUNT_RESTRICTION " if $t == 38;
  103.     return "IAS_NO_POLICY_MATCH " if $t == 48;
  104.     return "IAS_DIALIN_LOCKED_OUT " if $t == 64;
  105.     return "IAS_DIALIN_DISABLED " if $t == 65;
  106.     return "IAS_INVALID_AUTH_TYPE " if $t == 66;
  107.     return "IAS_INVALID_CALLING_STATION " if $t == 67;
  108.     return "IAS_INVALID_DIALIN_HOURS " if $t == 68;
  109.     return "IAS_INVALID_CALLED_STATION " if $t == 69;
  110.     return "IAS_INVALID_PORT_TYPE " if $t == 70;
  111.     return "IAS_INVALID_RESTRICTION " if $t == 71;
  112.     return "IAS_NO_RECORD " if $t == 80;
  113.     return "IAS_SESSION_TIMEOUT " if $t == 96;
  114.     return "IAS_UNEXPECTED_REQUEST " if $t == 97;
  115.     return $t;
  116. }
  117.  
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement