Configuring audit settings

Configure how and when OneSpan Authentication Server should record audit messages. The following instructions are only specific to audit settings that need to be configured after installation. You will still need to properly configure your chosen audit method.

There are four different audit methods available in OneSpan Authentication Server:

• ODBC database
• Text file
• System log
• Live connection

For more information about configuring audit settings, refer to the OneSpan Authentication Server Administrator Guide.

Database

By default, OneSpan Authentication Server will audit to the database. In most cases, this option is faster than other auditing methods.

When auditing to database, OneSpan Authentication Server uses the following tables to store and process audit information:

• vdsAuditMsg
• vdsAuditMsgField

OneSpan Authentication Server also grants read-write permissions to the default database user for these tables. For added security, it is recommended that you reset this permission to read-only.

Text file

If auditing to a text file, you will need to decide how often a new text file should be created. The default frequency for creating new text files is monthly. To change this frequency, modify the variables used in the file name.

If OneSpan Authentication Server is configured to write to a text file set to IdentikeyServer-{year}-{month}.audit, a new text file will be created monthly. If the text file name is set to IdentikeyServer-{year}-{month}-{mday}.audit, a new text file will be created daily.

Syslog

On Linux installations, auditing can be set up to write to the Syslog. Correctly configuring the facility will enable separation of events from different sources.

Valid values are:

• User (default)
• daemon
• auth
• authpriv
• syslog
• localn (where n is a number between 0 and 7).

By default, the local0 facility is configured.

SSL re-configuration of multiple live audit connections

OneSpan Authentication Server supports multiple live audit connections.

When installing OneSpan Authentication Server for the first time, you will be asked to configure SSL certificates for live audit connections. Doing so will configure SSL for exactly one live audit connection, i.e. the first connection.

Note that the following features available via the Maintenance Wizard also configure the first connection only:

• Re-run installation wizard
• Change server component location
• Install SSL server certificate

The first live audit connection is the topmost entry in the Available Audit Methods pane of type live. To view this pane, navigate to the Auditing section of the Configuration Utility. You can use Move Up and Move Down to re-arrange the list of available audit methods.

You can add and configure multiple live audit connections after the initial installation.

If you have multiple live audit connections configured, you need to manually configure SSL certificates for each live audit connection. For more information, refer to the OneSpan Authentication Server Administrator Guide.