Use the Authentication Logs for Troubleshooting
Table of Contents
Expand all | Collapse all
-
- Cloud Identity Engine Attributes
- Collect Custom Attributes with the Cloud Identity Engine
- View Directory Data
- Cloud Identity Engine User Context
- Create a Cloud Dynamic User Group
- Configure Third-Party Device-ID
- Configure an IP Tag Cloud Connection
- Configure Dynamic Privilege Access in the Cloud Identity Engine
-
-
- Configure Azure as an IdP in the Cloud Identity Engine
- Configure Okta as an IdP in the Cloud Identity Engine
- Configure PingOne as an IdP in the Cloud Identity Engine
- Configure PingFederate as an IdP in the Cloud Identity Engine
- Configure Google as an IdP in the Cloud Identity Engine
- Configure a SAML 2.0-Compliant IdP in the Cloud Identity Engine
- Configure a Client Certificate
- Set Up an Authentication Profile
- Configure Cloud Identity Engine Authentication on the Firewall or Panorama
- Configure the Cloud Identity Engine as a Mapping Source on the Firewall or Panorama
- Configure Dynamic Privilege Access in the Cloud Identity Engine
-
- Get Help
Use the Authentication Logs for Troubleshooting
Learn how to check the Authentication Logs for information that you can use to
troubleshoot authentication issues with the Cloud Identity Engine.
To troubleshoot authentication issues with identity providers or the
firewall, use the Authentication
Logs to review messages to the log.
Each authentication phase generates at least two log entries, with the exception
of SAML authentication using multiple CA chains in a certificate type, which
generates three log entries.
- In the Cloud Identity Engine app, select.AuthenticationAuthentication Logs
- To ensure the page displays the latest data, clickApply Search/Refresh.
- Use theDateselector to search based on when the issue occurred.
- Select the number of results you want toShowon each page.
- Select whether you want to display the results in order ofNewest firstorNewest last.
- Select aProfileto restrict the search results to a specific identity provider (IdP) profile.
- Select theStatusyou want to display (All Status,Success, orFail).
- ToSearch by keyword, enter a search term andApply Search.
- To view the SAML request and response and the JSON web token (JWT), select theDetails(The log details display, allowing you to review theData Receivedby the Cloud Identity Engine from your IdP and theData Sentby the IdP to the Cloud Identity Engine. You can copy (
- Review the results to look for entries that indicate issues.
- (Optional)Exportthe results as a .CSV file.