Mask Token Serial Numbers in Logs

Document created by RSA Information Design and Development Employee on Jun 13, 2017Last modified by RSA Link Admin on Sep 18, 2020
Version 15Show Document
  • View in full screen mode

You can configure RSA Authentication Manager to include only part of the token serial number in log data that is sent to applications outside of the Authentication Manager instance. For example, you might do this when logging data to syslog, a local file, or a Network Management Server using Simple Network Management Protocol (SNMP).

You can configure Authentication Manager to include zero to twelve digits of the token serial number. The default value is twelve, which includes the entire token serial number.


  1. On the primary instance, log on to the Security Console.

  2. Click Setup > System Settings > Basic Settings > Logging.

  3. Under Select Instance, choose the primary instance and click Next.

  4. In Configure Settings, under Log Data Masking, in the Number of digits of the token serial number to display box, enter the number of digits.

  5. Click Save.

    The setting applies to all instances in your deployment.

Related Concepts

Log Messages

Related Tasks

Configure Logging

Related References

Log Configuration Parameters




You are here
Table of Contents > Logging > Mask Token Serial Numbers in Logs