Mask Token Serial Numbers in Logs
You can configure RSA Authentication Manager to include only part of the token serial number in log data that is sent to applications outside of the AM instance. For example, you might do this when logging data to syslog, a local file, or a Network Management Server using Simple Network Management Protocol (SNMP).
You can configure AM to include zero to twelve digits of the token serial number. The default value is twelve, which includes the entire token serial number.
Procedure
On the primary instance, log on to the Security Console.
Click Setup > System Settings > Basic Settings > Logging.
Under Select Instance, choose the primary instance and click Next.
In Configure Settings, under Log Data Masking, in the Number of digits of the token serial number to display box, enter the number of digits.
Click Save.
The setting applies to all instances in your deployment.
Related Concepts
Related References
Related Tasks
Related Articles
How to Mask Token Serial Numbers in RSA Authentication Manager 8.X Logs Number of Views SQL command to list all token serial numbers in Authentication Manager 8.x and their associated security domains Number of Views Serial number is the only field visible when searching for tokens using Where search in RSA Authentication Manager 8.x Number of Views How to verify the serial number of the certificate used for an LDAPS connection in RSA Authentication Manager 8.x Number of Views Serial Number Mismatch Number of Views
Trending Articles
RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide RSA Release Notes for RSA Authentication Manager 8.8 RSA Authentication Manager 8.9 Release Notes (January 2026) Supported On-Demand Authentication (ODA) SMS providers for use with RSA Authentication Manager 8.x Deploying RSA Authenticator 6.2.2 for Windows Using DISM
