Documentation

 

 

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

SecureAuth IdP RADIUS server logs 
Anchor
radlogs
radlogs

Enable logs

Set up logs for the SecureAuth IdP RADIUS server logs can assist in troubleshooting the SecureAuth IdP RADIUS server.

To set up logs for the SecureAuth IdP RADIUS server:

1. Go to by completing the following:

  1. Download the following log configuration file, and place it in a temporary folder on the SecureAuth RADIUS server.
    View file
    namelog4j2.xml
    height150

  2. Rename C:\idpRADIUS\bin\conf\log4j2.xml so you can use it to disable logging when you finish debugging.

    The paths you use might be different, depending on your RADIUS server version or the destination folder selected when you installed the RADIUS server. The following are examples of default paths:
    • C:\idpRADIUS\bin\conf\log4j2.xml

2. Under "<Loggers>", find logger name="com.secureauth" and change the level value to "all". For example:

   <logger name="com.secureauth" level="all" additivity="false">

3. Save edits.

4. Find log files stored in C:\IdPRADIUS\bin\Logs\saRadiusServer

The table below shows log levels in order by verbosity: :

...

Level

...

Description

...

ALL

...

Captures all logging

...

TRACE

...

Captures finer-grained informational events than DEBUG (contains all package attributes to and from the VPN)

...

DEBUG

...

Captures fine-grained informational events for debugging RADIUS

...

INFO

...

Captures diagnostic information at a coarse-grained level, and Adaptive Authentication password state results

...

  • PasswordState: Adaptive Auth results in status: Continue for user
  • PasswordState: Adaptive Auth results in status: TwoFactor for user

...

WARN

...

Designates potentially harmful situations

...

ERROR

...

Captures critical or error conditions that still allow RADIUS to run

...

FATAL

...

Captures emergency conditions for severe error events

...

OFF

...

Disables logging

    • C:\Program Files (x86)\SecureAuth Corporation\SecureAuth IdP RADIUS Agent\bin\conf\log4j2.xml
    • C:\Program Files\SecureAuth Corporation\SecureAuth IdP RADIUS Agent\bin\conf\log4j2.xml
  1. Place the downloaded log4j2.xml file in the *\bin\conf folder, which is the same folder used in step 2.
  2. Run the services.msc application, then restart the SecureAuth RADIUS service.
  3. Replicate the issue you have encountered.
  4. Find log files stored in *\bin\Logs\saRadiusServer.log.
  5. Receive assistance with resolving the issue by forwarding log files to the SecureAuth Support team when you create a support ticket.
  6. Restore the original log4j2.xml after debugging is completed. 

    Trace level logging uses a substantial amount of disk space and can create disk space issues over time.

Sample logs for different RADIUS failover scenarios

Failover to a SecureAuth IdP RADIUS backup server is configured under Step B: IdP Realms configuration, Add IdP Realm in the Configuration guide - v2.5 - SecureAuth IdP RADIUS server.

...