Last logon logging

Post your feature requests for OpenVPN Access Server here.
Post Reply
hookprocess
OpenVpn Newbie
Posts: 6
Joined: Wed Nov 16, 2016 1:17 pm

Last logon logging

Post by hookprocess » Mon Jul 24, 2017 7:14 am

Would really like to have a column added to the "User Permissions" page with last logon information and client IP used. Would have been way easier to clear out old accounts that way.

chilinux
OpenVPN User
Posts: 15
Joined: Thu Mar 28, 2013 8:31 am

Re: Last logon logging

Post by chilinux » Thu Jul 27, 2017 12:01 am

While I agree it would be nice if this was presented directly in the control panel, you can get access to this information in the current version from the command line:

/usr/local/openvpn_as/scripts/logdba --csv --service_filt=VPN > vpnlog.csv

If you then download the resulting file and import it into a spreadsheet, you should then have the required information to proceed with clearing out stale accounts.

It should be noted that if you are using RADIUS or LDAP and do not check "require user permissions record for VPN access" then all you will be clearing out is the permissions but the next successful authentication will still work for obtaining access (including getting a new certificate if the previous one was revoked). Actual clearing of RADIUS or LDAP accounts should be performed at the external authentication service itself.

hookprocess
OpenVpn Newbie
Posts: 6
Joined: Wed Nov 16, 2016 1:17 pm

Re: Last logon logging

Post by hookprocess » Thu Jul 27, 2017 12:10 pm

Thank you for that command chilinux!

Post Reply