Mask Token Serial Numbers in Logs
You can configure RSA Authentication Manager to include only part of the token serial number in log data that is sent to applications outside of the AM instance. For example, you might do this when logging data to syslog, a local file, or a Network Management Server using Simple Network Management Protocol (SNMP).
You can configure AM to include zero to twelve digits of the token serial number. The default value is twelve, which includes the entire token serial number.
Procedure
On the primary instance, log on to the Security Console.
Click Setup > System Settings > Basic Settings > Logging.
Under Select Instance, choose the primary instance and click Next.
In Configure Settings, under Log Data Masking, in the Number of digits of the token serial number to display box, enter the number of digits.
Click Save.
The setting applies to all instances in your deployment.
Related Concepts
Related References
Related Tasks
Related Articles
How to Mask Token Serial Numbers in RSA Authentication Manager 8.X Logs Number of Views SQL command to list all token serial numbers in Authentication Manager 8.x and their associated security domains Number of Views Serial number is the only field visible when searching for tokens using Where search in RSA Authentication Manager 8.x Number of Views Serial Number Mismatch Number of Views RSA Authentication Manager 8.x Multiple Vulnerabilities in ISC BIND - False Positive Number of Views
Trending Articles
Downloading RSA Authentication Manager license files or RSA Software token seed records RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide Quick Setup Guide - Passwordless Authentication in Windows MFA Agent for Active Directory Mandatory Certificate Upgrade Required by 6th October 2025 for RSA MFA Agent for PAM, RSA MFA Agent for Apache, and Third … RSA Authentication Manager 8.9 Release Notes (January 2026)
