LogoLogo
LogoLogo
  • Welcome
  • Details
  • Configuration
    • Getting Started
      • Generic Guide
      • Scenario-based Guides
        • Microsoft Cloud PKI
        • SCEPman PKI
    • Access Point Setup
      • RadSec
        • Aruba
        • FortiNet
        • Juniper Mist
        • Meraki
        • MikroTik
        • Ruckus
        • UniFi
      • RADIUS
        • ExtremeCloud IQ CoPilot
        • Meraki
        • Sophos UTM
        • UniFi
    • Server Certificate Renewal
  • Admin Portal
    • Home
    • Insights
      • Rule Engine
      • Logs
    • Users
    • Settings
      • Server Settings
      • Trusted Certificates
      • Proxy Settings
      • Permissions
      • User Settings
      • Rules
        • General Structure
        • WiFi
        • LAN
        • VPN
      • Log Exporter
        • Teams
        • Log Analytics
        • Generic Webhook
        • Examples
    • My Invited Users
  • Profile Deployment
    • Microsoft Intune
      • Server Trust
      • WiFi Profile
        • Windows
        • iOS/iPadOS & macOS
        • Android
      • Wired Profile
        • Windows
        • macOS
    • Jamf Pro
      • Server Trust
      • WiFi Profile
      • Wired Profile
    • Google Workspace
      • Server Trust
      • WiFi Profile
  • Other
    • Troubleshooting
    • FAQs
      • General
      • Log & Common Errors
      • MAC Authentication
      • Blast-RADIUS Vulnerability
      • OCSP Soft-fail Consequences
      • Security & Privacy
    • REST API
      • External Monitoring
    • Changelog
  • Licensing
    • Azure Marketplace
  • Support & Service Level
  • RADIUSaaS Website
Powered by GitBook
On this page

Was this helpful?

  1. Admin Portal
  2. Insights

Logs

Last updated 6 months ago

Was this helpful?

You can access basically every log that the platform generates. Naturally, this means that you may not be able to understand everything which you can read. You don't have to. If you have any questions, and we're happy to answer them.

Log types

Log types not mentioned in below table are less relevant for common trouble shooting scenarios.

Log Type
Summary
Useful for ...

engine

Aggregated and correlated logs that provide key information on every authentication, e.g.

  • Timestamp

  • Authentication duration

  • Identity of the supplicant

  • Credentials used (username/password, certificate)

  • Client authentication certificate used incl. verification type (ocsp or crl) and verification result (valid or revoked)

  • Authentication decision (Accept or Reject)

  • Error message (Rejects only)

  • Applied rule

  • MAC addresses (authenticator / supplicant)

  • Network type (WiFi, LAN, VPN)

  • SSID (for WiFi only)

  • AAA protocol used (radius or radsec)

Most troubleshooting scenarios, e.g. debugging

  • Rule engine issues

proxy

detail

Comprehensive (raw) logs generated by the RadSec server(s). They include most EAP messages exchanged between supplicant and RADIUSaaS during authentication ("inner tunnel" messages).

  • Debugging of issues that go beyond what can be debugged with the engine logs, e.g. checking if authentications are incomplete (Acess-Reject or Access-Accept missing for a particular authentication)

  • Troubleshooting issues with the RadSec connection - if used by your infrastructure

    • Accessing the entire error message stack (found in Access-Reject messages) in case the error message parsed in the engine logs is ambiguous.

radsec

Comprehensive (raw) logs generated by the RadSec server(s) related to the RadSec connection.

  • Troubleshooting RadSec connections issues, e.g. trust issues.

  • Identifying certificates presented by the authenticators when establishing RadSec connections.

Generated by the (in case at least one is configured)

Determination of the (not applicable if RadSec is used)

Identifying

RADIUS Proxies
drop a message
Trust issues
Supplicant issues
wrongly configured RADIUS shared secrets
public IP address of the authenticating sites