Logs
Last updated
Last updated
You can access basically every log that the platform generates. Naturally, this means that you may not be able to understand everything which you can read. You don't have to. If you have any questions, drop a message and we're happy to answer them.
Log types not mentioned in below table are less relevant for common trouble shooting scenarios.
engine
Aggregated and correlated logs that provide key information on every authentication, e.g.
Timestamp
Authentication duration
Identity of the supplicant
Credentials used (username/password, certificate)
Client authentication certificate used incl. verification type (ocsp or crl) and verification result (valid or revoked)
Authentication decision (Accept or Reject)
Error message (Rejects only)
Applied rule
MAC addresses (authenticator / supplicant)
Network type (WiFi, LAN, VPN)
SSID (for WiFi only)
AAA protocol used (radius or radsec)
Most troubleshooting scenarios, e.g. debugging
Rule engine issues
proxy
detail
Comprehensive (raw) logs generated by the RadSec server(s). They include most EAP messages exchanged between supplicant and RADIUSaaS during authentication ("inner tunnel" messages).
Debugging of issues that go beyond what can be debugged with the engine logs, e.g. checking if authentications are incomplete (Acess-Reject or Access-Accept missing for a particular authentication)
Troubleshooting issues with the RadSec connection - if used by your infrastructure
Accessing the entire error message stack (found in Access-Reject messages) in case the error message parsed in the engine logs is ambiguous.
radsec
Comprehensive (raw) logs generated by the RadSec server(s) related to the RadSec connection.
Troubleshooting RadSec connections issues, e.g. trust issues.
Identifying certificates presented by the authenticators when establishing RadSec connections.
Generated by the (in case at least one is configured)
Determination of the (not applicable if RadSec is used)
Identifying
