# -*- text -*-
#
#  $Id$

# Write a detailed log of all accounting records received.
#
detail {
	#  Note that we do NOT use NAS-IP-Address here, as
	#  that attribute MAY BE from the originating NAS, and
	#  NOT from the proxy which actually sent us the
	#  request.  The Client-IP-Address attribute is ALWAYS
	#  the address of the client which sent us the
	#  request.
	#
	#  The following line creates a new detail file for
	#  every radius client (by IP address or hostname).
	#  In addition, a new detail file is created every
	#  day, so that the detail file doesn't have to go
	#  through a 'log rotation'
	#
	#  If your detail files are large, you may also want
	#  to add a ':%H' (see doc/variables.txt) to the end
	#  of it, to create a new detail file every hour, e.g.:
	#
	#   ..../detail-%Y%m%d:%H
	#
	#  This will create a new detail file for every hour.
	#
	detailfile = ${radacctdir}/%{Client-IP-Address}/detail-%Y%m%d

	#
	#  The Unix-style permissions on the 'detail' file.
	#
	#  The detail file often contains secret or private
	#  information about users.  So by keeping the file
	#  permissions restrictive, we can prevent unwanted
	#  people from seeing that information.
	detailperm = 0600

	#
	#  Every entry in the detail file has a header which
	#  is a timestamp.  By default, we use the ctime
	#  format (see "man ctime" for details).
	#
	#  The header can be customized by editing this
	#  string.  See "doc/variables.txt" for a description
	#  of what can be put here.
	#
	header = "%t"

	#
	# Certain attributes such as User-Password may be
	# "sensitive", so they should not be printed in the
	# detail file.  This section lists the attributes
	# that should be suppressed.
	#
	# The attributes should be listed one to a line.
	#
	#suppress {
		# User-Password
	#}

}