Configuring audit settings

Configure how and when OneSpan Authentication Server should record audit messages. The following instructions are only specific to audit settings that need to be configured after installation. You will still need to properly configure your chosen audit method.

There are four different audit methods available in OneSpan Authentication Server:

  • ODBC database
  • Text file
  • System log
  • Live connection

For more information about configuring audit settings, refer to the OneSpan Authentication Server Administrator Guide.

Database

By default, OneSpan Authentication Server will audit to the database. In most cases, this option is faster than other auditing methods.

When auditing to database, OneSpan Authentication Server uses the following tables to store and process audit information:

  • vdsAuditMsg
  • vdsAuditMsgField

OneSpan Authentication Server also grants read-write permissions to the default database user for these tables. For added security, it is recommended that you reset this permission to read-only.

Text file

If auditing to a text file, you will need to decide how often a new text file should be created. The default frequency for creating new text files is monthly. To change this frequency, modify the variables used in the file name.

If OneSpan Authentication Server is configured to write to a text file set to IdentikeyServer-{year}-{month}.audit, a new text file will be created monthly. If the text file name is set to IdentikeyServer-{year}-{month}-{mday}.audit, a new text file will be created daily.

Syslog

On Linux installations, auditing can be set up to write to the Syslog. Correctly configuring the facility will enable separation of events from different sources.

Valid values are:

  • User (default)
  • daemon
  • auth
  • authpriv
  • syslog
  • localn (where n is a number between 0 and 7).

By default, the local0 facility is configured.