RSA Product Set: SecurID
RSA Product/Service Type: Authentication Manager
RSA Version/Condition: 8.x
How to configure RSA Authentication Manager to include only part of the token serial number in log data that is sent to applications outside of the Authentication Manager instance. For example, you might do this when logging data to syslog, a local file, or a Network Management Server using Simple Network Management Protocol (SNMP).
You can configure Authentication Manager to include zero to twelve digits of the token serial number. The default value is twelve, which include the entire token serial number.
1. On the primary instance, log on to the Security Console.
2. Click Setup > System Settings > Basic Settings > Logging.
3. Under Select Instance, choose the primary instance and click Next.
4. In Configure Settings, under Log Data Masking, in the Number of digits of the token serial number to display box, enter the number of digits.
5. Click Save.
Logs are secured by masking token serial number in the log data sent over the network. You can configure the number of digits of the token serial number that are displayed in the log data.
How does the masking work?
Digits are masked from the left to the right. For example, if you want to display 4 digits, the token serial number will be xxxxxxxx1234.
This setting is system wide and applies to all instances in your deployment.
For information about Log Messages