> For the complete documentation index, see [llms.txt](https://docs.radiusaas.com/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.radiusaas.com/admin-portal/insights/log.md).

# Logs

You can access basically every log that the platform generates. Naturally, this means that you may not be able to understand everything which you can read. You don't have to. If you have any questions, [drop a message](https://www.radius-as-a-service.com/drop-a-question) and we're happy to answer them.

<figure><img src="/files/qrRrxtkBYNbj66AS1SZs" alt=""><figcaption></figcaption></figure>

## Log types

Log types **not** mentioned in below table are less relevant for common trouble shooting scenarios.

| Log Type | Summary                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 | Useful for ...                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              |
| -------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| `engine` | <p>Aggregated and correlated logs that provide key information on every authentication, e.g.</p><ul><li>Timestamp</li><li>Authentication duration</li><li>Identity of the supplicant</li><li>Credentials used (username/password, certificate)</li><li>Client authentication certificate used incl. verification type (<code>ocsp</code> or <code>crl</code>) and verification result (<code>valid</code> or <code>revoked</code>)</li><li>Authentication decision (<code>Accept</code> or <code>Reject</code>)</li><li>Error message (Rejects only)</li><li>Applied rule</li><li>MAC addresses (authenticator / supplicant)</li><li>Network type (<code>WiFi</code>, <code>LAN</code>, <code>VPN</code>)</li><li>SSID (for WiFi only)</li><li>AAA protocol used (<code>radius</code> or <code>radsec</code>)</li></ul> | <p>Most troubleshooting scenarios, e.g. debugging</p><ul><li><a href="/pages/-MYxqoQnFAGPW9zN_JKy#unknown-ca">Trust issues</a></li><li><a href="/pages/-MYxqoQnFAGPW9zN_JKy#fatal-decrypt-or-access-denied">Supplicant issues</a></li><li>Rule engine issues</li></ul>                                                                                                                                                                                                                                                                                      |
| `proxy`  | Generated by the [RADIUS Proxies](/admin-portal/settings/settings-proxy.md) (in case at least one is configured)                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        | <ul><li>Determination of the <a href="/pages/avEhUosY3x9VZiyR0DVn#how-can-i-identify-the-public-ip-address-pip-of-the-site-from-which-an-authentication-originates"><strong>public IP address of</strong> the authenticating <strong>sites</strong></a> (not applicable if RadSec is used)</li><li>Identifying <a href="/pages/-MYxqoQnFAGPW9zN_JKy#wrong-shared-radius-secret"><strong>wrongly configured RADIUS shared secrets</strong></a></li></ul>                                                                                                     |
| `detail` | Comprehensive (raw) logs generated by the RadSec server(s). They include most EAP messages exchanged between supplicant and RADIUSaaS during authentication ("inner tunnel" messages).                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  | <ul><li>Debugging of issues that go beyond what can be debugged with the engine logs, e.g. checking if <strong>authentications</strong> are <strong>incomplete</strong> (Acess-Reject or Access-Accept missing for a particular authentication)</li><li><p>Troubleshooting issues with the <strong>RadSec connection</strong> - if used by your infrastructure</p><ul><li>Accessing the <strong>entire error message stack</strong> (found in Access-Reject messages) in case the error message parsed in the engine logs is ambiguous.</li></ul></li></ul> |
| `radsec` | Comprehensive (raw) logs generated by the RadSec server(s) related to the RadSec connection.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            | <ul><li>Troubleshooting RadSec connections issues, e.g. trust issues.</li><li>Identifying certificates presented by the authenticators when establishing RadSec connections.</li></ul>                                                                                                                                                                                                                                                                                                                                                                      |


---

# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.

## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter:

```
GET https://docs.radiusaas.com/admin-portal/insights/log.md?ask=<question>&goal=<endgoal>
```

`ask` is the immediate question: it should be specific, self-contained, and written in natural language.
`goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal.

The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.