What logs can be cleaned from a SecureAuth IdP server?

Follow

Version Affected:  all - On-Premise

Description:  

Logging can take up a lot of disk space on an IdP server, so this article will give some pointers on what files can be deleted and/or archived off of the server(s).

 

Cause:  

The SecureAuth IdP is a security appliance, and as such, has default logging in place for admins in case issues arise. The logs enabled by default are standard logging but during debug sessions, additional logging may be enabled.

 

Resolution:  

The following areas of the SecureAuth IdP is where logging occurs:

SecureAuth IdP Server (all may not exist):

  • D:\SecureAuth\<REALM_#>\AuditLogs\
  • D:\SecureAuth\<REALM_#>\DebugLogs\
  • D:\SecureAuth\<REALM_#>\ErrorLogs\

IIS on the SecureAuth IdP Server:

  • D:\inetpub\logs\logfiles\W3SVC1\

SecureAuth RADIUS server:

  • <INSTALL_DIRECTORY>\bin\logs\

 

Special Considerations:  

It is wise to keep some form of retention of log files and a recommended best practice is to ship a compressed logs package weekly or monthly via scripting to a network share or some sort of file server, in case log reviewing is needed at a later date.

The SecureAuth IdP can also log to a SQL Server Database which a DBA can do regular maintenance on, see the following article:

https://docs.secureauth.com/display/91docs/Logging+Database+Configuration+Guide#expand-ShrinkDatabaseFiles

 

The Microsoft IIS logging can also be sent to a SQL Server Database which a DBA can do regular maintenance on, see the following Microsoft Article for custom logging within IIS:

https://support.microsoft.com/en-ca/help/245243/how-to-configure-odbc-logging-in-iis

 

*Please note, the SecureAuth IdP server does not have ODBC Logging for IIS enabled by default and would need to be installed first to get the \Windows\System32\intesrv\logtemp.sql script.

 

**Also check the following article for log roll-over and retention configuration:

https://support.secureauth.com/hc/en-us/articles/360027918591-Log-file-rollover-and-retention-configuration

 

SecureAuth Knowledge Base Articles provide information based on specific use cases and may not apply to all appliances or configurations. Be advised that these instructions could cause harm to the environment if not followed correctly or if they do not apply to the current use case.

Customers are responsible for their own due diligence prior to utilizing this information and agree that SecureAuth is not liable for any issues caused by misconfiguration directly or indirectly related to SecureAuth products.

0 out of 0 found this helpful

Comments

0 comments

Please sign in to leave a comment.