RADIUS server logging

RADIUS logs are helpful when troubleshooting

  • Windows logs can be found in:
    C:\Program Files (x86)\Okta\Okta RADIUS Agent\current\logs
    okta_radius.log contains authentication messages, errors, etc.
  • Linux logs can be found in:
    /opt/okta/ragent/logs
    To gather all logs together use a command similar to:
    $ tar -zcvf logs.tar.gz /opt/okta/ragent/logs
  • Okta Syslog
  • The Okta logs will let you know if we are passing the credentials to an AD agent.

  • Device logs (Cisco/F5/Netscaler/etc)
  • Look for keywords, such as username used to authenticate via RADIUS, and then error messages or warnings.

     

    Logging levels can be managed by editing the log4j.properties file.

  • To increase the logging level:

    1. Open the log4j.properties file from the installation folder
      Windows: C:\Program Files (x86)\Okta\Okta RADIUS Agent\current\user\config\radius\.
      Linux: /opt/okta/ragent/user/config/radius.
    2. Change all three instances of info to debug. Which, when updated, should resemble:
      • log4j.logger.app=debug, app
      • log4j.logger.access=debug, access
      • log4j.rootLogger=debug, app, stdout