Encryption: SAS Logging Facility

Security-related events are now logged as part of the system-wide logging facility. If the LOGCONFIGLOC= system option is specified when SAS starts, logging is performed by the SAS logging facility. The following table lists security-related loggers.
Note: The logging of the SAS Deployment Manager add and remove certificate tasks for managing of the Trusted CA Bundle is located at <SASHOME>/InstallMisc/InstallLogs/certframe*.
Selected Security-Related Loggers
Logger
SAS/SECURE Information
App.tk.eam
Logs security information.
App.tk.eam.ssl
Logs TLS encryption information including the OpenSSL protocol and cipher suites being used.
App.tk.eam.sas
Logs SAS Proprietary encryption information.
App.tk.eam.rsa
Logs RC2, RC4, DES, DES3, and AES encryption information.
App.tk.eam.rsa.pbe
Enables or disables the password-based encryption processing that creates a key.
App.tk.eam.rsa.capi
Logs RC2, RC4, DES, and DES3 encryption information for Windows C API.
App.tk.eam.rsa.cc
Logs RC2, RC4, DES, DES3, and AES encryption information for RSA BSAFE® Crypto-C.
App.tk.eam.rsa.ccme
Logs AES encryption information for RSA BSAFE® Crypto-C ME. This log is for FIPS.
App.tk.eam.rsa.icsf
Logs AES encryption information for IBM Integrated Cryptographic Service Facility (ICSF). This log is for FIPS.
Note: On z/OS, if the SAS Logging Facility loggers App.tk.eam.ssl or App.tk.eam.rsa are in DEBUG or TRACE levels, SAS writes the debug file to the location specified by the TKELBOX_CRYPTO_DEBUG_LOG variable in the TKMVSENV file. If the specified filename is not found in TKMVSENV, then SAS saves the file in either /tmp/sas.rsabxdbg.<process_id>.log for RC2, RC4, DES, and TRIPLEDES, or in /tmp/sas.sslbxdbg<process_id>.log for TLS.

See Also

For information, see Overview of the SAS Logging Facility in SAS Logging: Configuration and Programming Reference