Audit logs can be implemented in a very simple way
Install swatch
apt-get install swatchMake script
nano /opt/openvpn_watch.shwatchfor /TLS: Initial/
mail=some-email@test.com,subject="Client connected to VPN."
Create system service
nano /etc/systemd/system/openvpn_watch.service[Unit]
Description=openvpn_watch-log-authentication
After=openvpn.target
[Service]
ExecStart=/usr/bin/swatch -c /opt/openvpn_watch.sh -t /etc/openvpn/openvpn_server.log --daemon > /dev/null 2>&1
KillMode=process
Type=simple
Restart=no
[Install]
WantedBy=multi-user.target
Run service
systemctl daemon-reload
systemctl start openvpn_watch.service
systemctl enable openvpn_watch.service
