RSA Security 6.1 manual Level of Logging Detail, Controlling Log File Size

Level of Logging Detail

You can control the level of detail recorded in the system log files with

LogLevel, LogAccept, and LogReject settings.

XThe LogLevel setting determines the level of detail given in the RADIUS system log file. The LogLevel can be 0, 1, or 2, where 0 is the least amount of information, 1 is intermediate, and 2 is the most verbose. It is specified in the [Configuration] section of radius.ini file.

XThe LogAccept and LogReject flags allow you to turn on or off the logging of Access-Accept and Access-Reject messages in the log file. These flags are set in the [Configuration] section of radius.ini: a value of 1 (the default) causes these messages to be logged, and a value of 0 causes the messages to be omitted. An Accept or Reject is logged only if LogAccept or LogReject, respectively, is enabled and the LogLevel is “verbose” enough for the message to be recorded.

The TraceLevel setting specifies whether packets should be logged when they are received and being processed, and what level of detail should be recorded in the log.

Controlling Log File Size

Optionally, you can specify a maximum size for a RADIUS system log file by entering a non-zero value for the LogfileMaxMBytes setting in the [Configuration] section of the radius.ini file.

XIf a maximum file size is set, the name of the RADIUS system log file identifies the date and time it was opened (YYYYMMDD_HHMM.log). When the current RADIUS system log file approaches the specified number of megabytes (1024 x 1024 bytes), the current log file is closed and a new one is opened. The closed file will be slightly smaller than the specified maximum file size.

XIf the maximum file size is set to 0 (or if the LogfileMaxMBytes setting is absent), the RADIUS system log file size is ignored and log file names are datestamped to identify when they were opened (YYYYMMDD.log).

NOTE: If LogFileMaxMBytes is configured for a small non-zero number, the log file may exceed the specified maximum file size in less than a minute. To avoid file name collisions (two log files created during the same minute interval), the log info does not roll over more than once per minute. Instead, the log file size is ignored until the minute precision clock changes to ensure that log files have unique file names. No log data is lost.