Page 1 of 1

Configure VPN connection logs for auditing

Posted: Thu Jan 14, 2016 10:18 am
by johnson84
Hello all,

I am very new to OpenVPN. I have been tasked to configure logging for VPN connections for audit purposes.
For instance, User A logs into VPN on 14th Jan 2016.

On 15th Jan (or later) I should be able to view the log file, showing that User A is connected to the VPN on the 14th.

The config I can find is this:

# Output a short status file showing
# current connections, truncated
# and rewritten every minute.
status openvpn-status.log

However, the above would truncate and overwrite the logs every minute.

Question 1:
Is there a way to disable overwriting of connection logs?

Question 2:
# By default, log messages will go to the syslog (or
# on Windows, if running as a service, they will go to
# the "\Program Files\OpenVPN\log" directory).
# Use log or log-append to override this default.
# "log" will truncate the log file on OpenVPN startup,
# while "log-append" will append to it. Use one
# or the other (but not both).
;log openvpn.log
log-append openvpn.log

What are these logs referring to? What is the difference between openvpn.log and openvpn-status.log

Thank you in advance, community.

Rgds,
Johnson

Re: Configure VPN connection logs for auditing

Posted: Thu Jan 14, 2016 12:24 pm
by Traffic
See --log and --status in The Manual v23x

Re: Configure VPN connection logs for auditing

Posted: Fri Jan 15, 2016 2:45 am
by johnson84
I just found out that the authentication logs can be found here:
/var/log/messages

using grep, i can find out what I want.

cat /var/log/messages | grep username

Re: Configure VPN connection logs for auditing

Posted: Fri Jan 15, 2016 11:15 am
by Traffic
You could also use the --client-connect and --client-disconnect directives to create your own records.

Re: Configure VPN connection logs for auditing

Posted: Wed Apr 03, 2019 3:27 pm
by SofianeLandez
Thanks for these infos, that's much appreciated!