Documenting the kerberos KDC log file format

Benjamin Kaduk kaduk at mit.edu
Tue Jan 31 01:44:20 EST 2017


On Mon, Jan 30, 2017 at 11:01:46PM -0700, Todd Grayson wrote:
> Has anyone seen a good writeup of the krb5kdc.log file output format?  For
> the types of log file output statements that it writes out. So for example
> the AS_REQ and TGS_REQ and follow up "closing down" lines representing a
> full connection span.
> 
> More specifically does anyone have any content or pointers to constructing
> good parsers for turning this log data into record data?  Parser tools for
> the default MIT KDC log format?

Unfortunately, the idea of a unified format was not in mind when things
were originally written, so a programmatic parse will be somewhat difficult.
We've tried to be more careful with more recent additions, but feel rather
constrained to not change the historical behavior and break existing
log-parsing scripts.

Maybe someone else on the list has some prior art that you could start
from, though.

-Ben


More information about the Kerberos mailing list