Configure Logging

You can configure RSA Authentication Manager logging on each instance. You can copy the log configuration from the primary instance to the replica instance.

Before you begin

You must be a Super Admin.

Procedure

  1. In the Security Console, click Setup > System Settings.

  2. Click Logging.

  3. Select an instance.

  4. Click Next.

  5. From the Trace Log, Administrative Audit Log, Runtime Audit Log, and System Log drop-down lists, select a log level. For a description of each parameter, see Log Configuration Parameters.

  6. Determine where to store the log data. You can choose to save it:

    • Locally in the internal database only.

    • Locally in the internal database and in the local operating system syslog.

    • Locally in the internal database and the remote syslog at a specified hostname or IP address. The remote host must be a valid UNIX machine that Authentication Manager is permitted to access. The system resolves the remote hostname by referring to the Domain Name System that was configured during Quick Setup.

      This option sends unencrypted Authentication Manager log data to the remote syslog. If you need to encrypt your data before sending it, choose another option. For more information, see Configure the Remote Syslog Host for Real Time Log Monitoring.

      If you update the IP address or hostname for a remote syslog server, you must restart Authentication Manager services to apply the change:

      1. Log on to the appliance operating system as rsaadmin.

      2. Change the directory to /opt/rsa/am/server

      3. Run ./rsaserv restart all.

  7. If you are configuring log settings on the primary instance and you want to apply the same changes to the replica instance, click Apply the above settings to the replica instance(s) upon save.

  8. Click Save.