Version Affected: all - On-Premise
Logging can take up a lot of disk space on an IdP server, so this article will give some pointers on what files can be deleted and/or archived off of the server(s).
The SecureAuth IdP is a security appliance, and as such, has default logging in place for admins in case issues arise. The logs enabled by default are standard logging but during debug sessions, additional logging may be enabled.
The following areas of the SecureAuth IdP is where logging occurs:
SecureAuth IdP Server (all may not exist):
IIS on the SecureAuth IdP Server:
SecureAuth RADIUS server:
It is wise to keep some form of retention of log files and a recommended best practice is to ship a compressed logs package weekly or monthly via scripting to a network share or some sort of file server, in case log reviewing is needed at a later date.
The SecureAuth IdP can also log to a SQL Server Database which a DBA can do regular maintenance on, see the following article:
The Microsoft IIS logging can also be sent to a SQL Server Database which a DBA can do regular maintenance on, see the following Microsoft Article for custom logging within IIS:
*Please note, the SecureAuth IdP server does not have ODBC Logging for IIS enabled by default and would need to be installed first to get the \Windows\System32\intesrv\logtemp.sql script.
**Also check the following article for log roll-over and retention configuration:
SecureAuth Knowledge Base Articles provide information based on specific use cases and may not apply to all appliances or configurations. Be advised that these instructions could cause harm to the environment if not followed correctly or if they do not apply to the current use case.
Customers are responsible for their own due diligence prior to utilizing this information and agree that SecureAuth is not liable for any issues caused by misconfiguration directly or indirectly related to SecureAuth products.