Managing Audit Files

Individual audit records can be viewed in the live audit viewer, and filtered and exported using the OneSpan Authentication Server Appliance Configuration Tool.

Events generated by the OneSpan Authentication Server component for auditing are stored in the internal database. They are moved to an audit database on a monthly basis or until a maximum audit data size limit of 500 MB is reached. When this limit is exceeded, new audit data is stored in a new database part.

Parts of the database can be downloaded and deleted via the OneSpan Authentication Server Appliance Configuration Tool. Downloading is the same as the exporting, but uses a format compatible with OneSpan Authentication Server.

Figure:  Live Audit Viewer

Exporting and downloading auditing information

Exporting auditing information can be useful in the following cases:

• One reporting system is used for all servers on a network.
• Auditing information needs to be kept for a long time.

You can use filters to define which data should be exported.

Exported data can use different formats:

• IDENTIKEY. Select this option for OneSpan Authentication Server compatibility. It allows you to import the exported data to an instance of OneSpan Authentication Server that is acting as a dedicated reporting server in a setup with multiple OneSpan Authentication Server and/or OneSpan Authentication Server Appliance instances.
• CSV. The comma-separated values format allows the data to be imported by other auditing systems.

Although it is still called CSV format, the CSV option creates an export file that uses tab characters as the separator, not a comma!