Stephan Andre

Secure Login Server: Track User Enrollments

CHALLENGE

You need to know how many user enrollments Secure Login Server has performed in a given period of time, whether for auditing reasons, to optimise system resources, to find peaks and clusters in your users' SSO day, or to find issues and potential attacks.

SOLUTIONS

Secure Login Server 2.0 / 3.0 does not provide its own audit logs. Instead, all successful or failed enrollment events are put into NetWeaver standard logs.

For advanced use cases, Secure Login Server is also able to write all successfully enrolled user requests and responses into the file system.

USING NETWEAVER LOGS

In NetWeaver Administrator, go to Troubleshooting > Logs and Traces > Log Viewer.

Select View > Customize Layout, and add the column User to your Table Layout.

Select Show Advanced Filter.

Add Application contains sap.com/SecureLoginServer, Date and Time Equals <your desired period>, and Message contains CERTIFICATE CREATION.

Select Apply Filters.

The table now shows all log events of successfully enrolled user certificates. For advanced analysis, you can export the results as an Excel sheet.

USING CERTIFICATE ARCHIVES

In Secure Login Administration Console, go to Profile Management > Authentication Profiles.

In the profile(s) you want to track, go to Certificate Configuration > Certificate Archiving and Storage.

Turn on the switch Enable storing of archiving certificate, and enter a folder that is accessible on your Secure Login Server host. Make sure that your SIDADM user has sufficient write permissions on this folder, and ensure sufficient disk space: once a write operation fails, the profile is locked automatically. Secure Login Server does not remove the archived files.
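Because a failed write locks the profile and archived files are never removed, the archive folder is worth monitoring. The following is an added example, not part of Secure Login Server or of the original post: it checks write access and free space on the folder, counts archived files per hour, and flags unusually busy hours. It assumes that each archived item is a regular file whose modification time is close to the enrollment time; the sample files and the helper names are constructed for illustration.

```python
import os
import shutil
import statistics
from collections import Counter
from datetime import datetime, timedelta, timezone

def archive_health(folder, min_free_bytes):
    """Return (writable, free_bytes, ok). Run as the OS user that writes the archive."""
    free = shutil.disk_usage(folder).free
    writable = os.access(folder, os.W_OK | os.X_OK)
    return writable, free, writable and free >= min_free_bytes

def files_per_hour(folder, start, end):
    """Count archived files per UTC hour of last modification within [start, end)."""
    buckets = Counter()
    with os.scandir(folder) as entries:
        for entry in entries:
            if not entry.is_file(follow_symlinks=False):
                continue
            mtime = datetime.fromtimestamp(entry.stat().st_mtime, tz=timezone.utc)
            if start <= mtime < end:
                buckets[mtime.strftime("%Y-%m-%d %H:00")] += 1
    return buckets

def peak_hours(buckets, factor=3.0):
    """Hours whose file count exceeds factor times the median hourly count."""
    if not buckets:
        return []
    median = statistics.median(buckets.values())
    return sorted(hour for hour, n in buckets.items() if n > factor * median)

def make_sample(folder, day):
    """Constructed sample: 2 files at 08:xx, 2 at 09:xx, 12 at 10:xx (UTC)."""
    for hour, count in ((8, 2), (9, 2), (10, 12)):
        for i in range(count):
            path = os.path.join(folder, f"sample_{hour:02d}_{i:02d}.bin")
            with open(path, "wb") as fh:
                fh.write(b"constructed placeholder, not a real archive entry")
            ts = (day + timedelta(hours=hour, minutes=i)).timestamp()
            os.utime(path, (ts, ts))

if __name__ == "__main__":
    import tempfile
    day = datetime(2024, 1, 15, tzinfo=timezone.utc)
    with tempfile.TemporaryDirectory() as folder:  # stand-in for the archive folder
        make_sample(folder, day)
        print(archive_health(folder, min_free_bytes=1024))
        counts = files_per_hour(folder, day, day + timedelta(days=1))
        print(dict(counts), peak_hours(counts))
```

The counts are files written, not enrollments: if a profile stores more than one file per enrollment, divide accordingly before comparing with the Log Viewer results.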


      2 Comments
      Robert Ismaier

      Hello Stephan,

      thanks for the great blog.

      Is it planned to have the archiving features also for certificates coming from a remote CA?

      with best regards

      Robert

      Stephan Andre
      Blog Post Author

      Hello Robert,

      no, as this is assumed to be a key feature of the respective Remote CA product.

      Stephan