|
Home > |
|---|
Access the audit-level commands. Audit commands control HSM audit logging, and can be used only by the properly authenticated HSM Audit role, once that role has been initialized.
The lunacm "hsm" commands available to the "audit" user are restricted to "hsm show", and all "hsm ped" commands, except "hsm ped vector" commands. The "audit" appliance user is allowed to connect and disconnect remote PED connections, adjust timeout, and view connection information, but is not allowed to create (init) or erase a remote PED vector.
audit
changepw
config
export
import
init
login
logmsg
logout
status
time
verify
| Parameter | Shortcut | Description |
|---|---|---|
| changepw | changepw | Change the Audit user password or PED key. See "audit changepw". |
| config | co | Configure the audit parameters. See "audit config". |
| export | e | Read the wrapped log secret from the HSM. See "audit export". |
| import | m | Import the wrapped log secret to the HSM. See "audit import". |
| init | i | Initialize the HSM Audit user. See "audit init". |
| login | logi | Login to the HSM as the Audit user. See "audit login". |
| logmsg | logm | Write a message to the HSM's log. See "audit logmsg". |
| logout | logo | Logout from the HSM as the Audit user. See "audit logout". |
| status | s | Show the status of the logging subsystem. See "audit status". |
| time | t | Synchronize the HSM time to the host, or get the HSM time. See "audit time". |
| verify | v | Verify a block of log messages. See "audit verify". |