MFA Guides

Enable Logging for MFA Client

Follow the below steps to implement event logging in a Windows environment for RapidIdentity Windows MFA Client.

Run Registry Editor as an Administrator
  1. From the Windows environment, open the Registry Editor.

  2. Click Start.

  3. Type "Run" and press Enter.

  4. In the dialog box, type "regedit."

  5. Click OK, or press Enter.

  6. Browse to the following key, "HKEY_LOCAL_MACHINE\SOFTWARE\Foray."

  7. Right-click the Foray key.

  8. Select New > DWORD (32-Bit) Value.

  9. Name the key "LogLevel."

  10. Double-click the LogLevel entry to open the Edit DWORD (32-bit) Value

  11. In the Value Data field, enter "3."

  12. Click OK.

  13. Close the Registry Editor.

Restart SLMonitor.exe

In order to restart SLMonitor.exe, first the process must be terminated.

  1. Open Task Manager.

  2. Under Processes, locate "slmonitor.exe" and End the process.

  3. Perform one of the following steps:

    1. Reboot the machine now to start logging.

    2. Restart slmonitor.exe manually by opening a command prompt in Windows and typing "slmonitor" then pressing the Enter key.


    There is no need to move to another folder, as any folder is able to run "slmonitor."

  4. Once the LogLevel registry entry has been created, 2FA ONE Client will create log entries.

    1. By default, logs will be created in the following folder: "C:\Program Files\2FA\ONE\Client\logs\."

    2. If logging had been previously enabled, delete the logs folder:  "C:\Program Files\2FA\ONE\Client\logs\."

      1. The log folder should reappear and "log.txt" and "sclog.txt" will be listed.