SecurID^® Knowledge Base

Yes

Article Number

000039717

Applies To

RSA Product Set: SecurID
RSA Product/Service Type: Authentication Manager
RSA Version/Condition: 8.x

Issue

How to configure RSA Authentication Manager to include only part of the token serial number in log data that is sent to applications outside of the Authentication Manager instance. For example, you might do this when logging data to syslog, a local file, or a Network Management Server using Simple Network Management Protocol (SNMP).

You can configure Authentication Manager to include zero to twelve digits of the token serial number. The default value is twelve, which include the entire token serial number.

Task


Procedure:

1. On the primary instance, log on to the Security Console.

2. Click Setup > System Settings > Basic Settings > Logging.

3. Under Select Instance, choose the primary instance and click Next.

4. In Configure Settings, under Log Data Masking, in the Number of digits of the token serial number to display box, enter the number of digits.

5. Click Save.

Image description

Resolution

Logs are secured by masking token serial number in the log data sent over the network. You can configure the number of digits of the token serial number that are displayed in the log data.

How does the masking work?
Digits are masked from the left to the right. For example, if you want to display 4 digits, the token serial number will be xxxxxxxx1234.

Notes

This setting is system wide and applies to all instances in your deployment.
For information about Log Messages

SecurID^® Knowledge Base

How to Mask Token Serial Numbers in RSA Authentication Manager 8.X Logs

Article Number

Applies To

Issue

Task

Resolution

Notes

In this article

SecurID® Knowledge Base

How to Mask Token Serial Numbers in RSA Authentication Manager 8.X Logs

Article Number

Applies To

Issue

Task

Resolution

Notes

In this article

Related Content

SecurID^® Knowledge Base