Enabling MFA Client Logs
  • 05 Jan 2023
  • 1 Minute to read
  • Contributors
  • Dark
    Light

Enabling MFA Client Logs

  • Dark
    Light

Article summary

There are 2 ways to enable the MFA client logs. The first method enables logs on just the one computer, and it's done manually. The second method enables the logs through your MFA policy and enables the logs on all MFA clients that sync with that MFA policy.

Method 1 - Manually

  1. On the target client computer, navigate to:
    Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Foray

  2. In Foray, create a new DWORD value:
    DWORD32.jpg

  3. Set LogLevel's value to 3 (this level captures ALL Information, Errors, and Debug Trace).
    logLevel.png

  4. Close out the Registry Editor when you're finished.

  5. Open your computer's Task Manager.

  6. In your Processes, look for "slmonitor". When you locate this process, highlight it in the Task Manager console and click "End Task" in the bottom right or by right-clicking the process itself.

  7. Back in the top left-hand corner, click File > Run new task and click "OK".
    slmonitor.png

The logs have been succesfully enabled and can be located at:

C:\Program Files\2FA\ONE\Client\logs\

Note: To turn the logs back OFF, set the LogLevel value to 0 and restart the "slmonitor" once more.


Method 2 - MFA Policy

  1. In your MFA Portal, log in and go to the Policies tab.

  2. On the left-hand side, click on "View All Policies".

  3. This will bring up all of your MFA policies. Next to the policy/group of computers you wish to enable MFA client logs on, click "Edit". If you have more than the one policy, it's important to know that the GlobalDefault policy will not enable logs for other policies. The other policies will have to be set separately.

  4. When the policy editor window appears, click on the General tab.

  5. Set Log Level to "3 - Everything".

  6. *Optional - Check Log Scope and select the activity you wish to capture. Typical log gathering consists of the options marked in the example.

  7. *Optional - Check Log Folder Size and set the value to limit the size of your log file(s). The default is 1024 kb.

  8. Finally, click "Save" when you're finished. The clients will automatically sync and pull their new instruction to begin logging over time. The default auto-sync time is 2 hours.
    generalTab.png

The client logs can be located at:

C:\Program Files\2FA\ONE\Client\logs\

Was this article helpful?