Logs

You can access basically every log that the platform generates. Naturally, this means that you may not be able to understand everything which you can read. You don't have to. If you have any questions, drop a message and we're happy to answer them.

Log Types

Log types not mentioned in below table are less relevant for common trouble shooting scenarios.

Log Type Summary Useful for ...

Log Type	Summary	Useful for ...
`engine`	Aggregated and correlated logs that provide key information on every authentication, e.g. Timestamp Authentication duration Identity of the supplicant Credentials used (username/password, certificate) Client authentication certificate used incl. verification type (`ocsp` or `crl`) and verification result (`valid` or `revoked`) Authentication decision (`Accept` or `Reject`) Error message (Rejects only) Applied rule MAC addresses (authenticator / supplicant) Network type (`WiFi`, `LAN`, `VPN`) SSID (for WiFi only) AAA protocol used (`radius` or `radsec`)	Most troubleshooting scenarios, e.g. debugging Trust issues Supplicant issues Rule engine issues
`proxy`	Generated by the RADIUS Proxies (in case at least one is configured)	Determination of the public IP address of the authenticating sites (not applicable if RadSec is used) Identifying wrongly configured RADIUS shared secrets
`detail`	Comprehensive (raw) logs generated by the RadSec server(s). They include most EAP messages exchanged between supplicant and RADIUSaaS during authentication ("inner tunnel" messages).	Debugging of issues that go beyond what can be debugged with the engine logs, e.g. checking if authentications are incomplete (Acess-Reject or Access-Accept missing for a particular authentication) Troubleshooting issues with the RadSec connection - if used by your infrastructure Accessing the entire error message stack (found in Access-Reject messages) in case the error message parsed in the engine logs is ambiguous.
`radsec`	Comprehensive (raw) logs generated by the RadSec server(s) related to the RadSec connection.	Troubleshooting RadSec connections issues, e.g. trust issues. Identifying certificates presented by the authenticators when establishing RadSec connections.

engine

Aggregated and correlated logs that provide key information on every authentication, e.g.

Timestamp
Authentication duration
Identity of the supplicant
Credentials used (username/password, certificate)
Client authentication certificate used incl. verification type (ocsp or crl) and verification result (valid or revoked)
Authentication decision (Accept or Reject)
Error message (Rejects only)
Applied rule
MAC addresses (authenticator / supplicant)
Network type (WiFi, LAN, VPN)
SSID (for WiFi only)
AAA protocol used (radius or radsec)

Most troubleshooting scenarios, e.g. debugging

Trust issues
Supplicant issues
Rule engine issues

proxy

Generated by the RADIUS Proxies (in case at least one is configured)

Determination of the public IP address of the authenticating sites (not applicable if RadSec is used)
Identifying wrongly configured RADIUS shared secrets

detail

Comprehensive (raw) logs generated by the RadSec server(s). They include most EAP messages exchanged between supplicant and RADIUSaaS during authentication ("inner tunnel" messages).

Debugging of issues that go beyond what can be debugged with the engine logs, e.g. checking if authentications are incomplete (Acess-Reject or Access-Accept missing for a particular authentication)
Troubleshooting issues with the RadSec connection - if used by your infrastructure
- Accessing the entire error message stack (found in Access-Reject messages) in case the error message parsed in the engine logs is ambiguous.

radsec

Comprehensive (raw) logs generated by the RadSec server(s) related to the RadSec connection.

Troubleshooting RadSec connections issues, e.g. trust issues.
Identifying certificates presented by the authenticators when establishing RadSec connections.

Last updated 1 month ago