How to enable or disable audit, debug, error and Syslog logging on multiple realms using Set-SALogging

    Applies to:
  • SecureAuth Identity Platform
  • Legacy SecureAuth IdP
Deployment model:
  • Cloud
  • Hybrid
  • On Premises
  • Version Affected:  All


    How to use Set-SALogging to enable or disable text Audit, Debug or Error logging on all or multiple realms.



    An IdP administrator may need to enable or disable logging levels on realms without affecting other settings or in bulk.



    Set-SALogging can be downloaded from here:



    Download to any folder on the IdP where you have write permission.

    • After downloading be sure to right click the script, click Properties, then Unblock (if present).
    • The script can be run from any folder on the IdP. 
    • Help on usage and examples can be obtained  by running:
    Set-SALogging -help



    The tool can be run in 2 modes. 

    • Interactive:  Run without supplying parameters and the tool will ask which realms should be updated.  You have a choice of All or a list of realms separated by commas or a space character.  There will then be the option of Enabling, Disabling or No Change for Text Audit, Debug and Error logs, as well as Syslog.  Only valid existing realms will be processed and only those requiring a change will be modified.
    • Non-interactive: Does the same, taking input from the command line supplied parameters without asking for any additional input at run time.
      Non-interactive mode is triggered by supplying any of the following parameters:
      [-Silent] [-BeatsLoggingEnabled] [-AuditLoggingEnabled] [-DebugLoggingEnabled] [-ErrorLoggingEnabled]
      [-SysLogEnabled] [-SysLogHost] [-SysLogPort] [-SysLogRFC] [-SysLogPEN] [-RealmNumbers]

    In both modes the tool logs to the same folder that the executable is located in.  It will also create a RollBack folder at the same location containing Batch files which will revert the web.configs to the state they were in prior to running the tool.  If necessary these batch files should be run elevated as Administrator to bypass UAC.


    Here's a brief summary of the syntax and some examples:

    Set-SALogging [-Silent] [-SkipDecryption] [-IgnoreEncryption] [-WebconfigFolder <String>]

    [-BeatsLoggingEnabled] [-AuditLoggingEnabled] [-DebugLoggingEnabled]
    [-ErrorLoggingEnabled] [-SysLogEnabled] [-SysLogHost <String>] [-SysLogPort <UInt16>]
    [-SysLogRFC <Object>] [-SysLogPEN <UInt16>] [-RealmNumbers <Int32[]>] [<CommonParameters>]



    # Will run Set-SALogging fully interactively


    Set-SALogging -Silent -AuditLoggingEnabled $true
    # Enable audit text logging on all realms, suppressing prompts for input and any output


    Set-SALogging -SkipDecryption
    # Run interactively but skips the decryption and encryption phase. Requires that all web.configs be decrypted prior to running.


    Set-SALogging -SkipDecryption -IgnoreEncryption -RealmNumbers 1,2,3,5,7,11,13,17
    # Run non-interactively for the realms provided, skip decryption and encryption and also try tp process web.config files that may still have encrypted sections.


    Set-SALogging -SysLogEnabled $true -SysLogHost '' -SysLogPort 1514 -SysLogRFC 'RFC5424' -SysLogPEN 46952
    # Run non interactively against all realms, enable Syslog and set Syslog options


    SecureAuth Knowledge Base Articles provide information based on specific use cases and may not apply to all appliances or configurations. Be advised that these instructions could cause harm to the environment if not followed correctly or if they do not apply to the current use case.

    Customers are responsible for their own due diligence prior to utilizing this information and agree that SecureAuth is not liable for any issues caused by misconfiguration directly or indirectly related to SecureAuth products.

    0 out of 0 found this helpful



    Please sign in to leave a comment.