Set the audit logging configuration parameters. This command allows you to configure the following:

• which events are captured in the log.
• the log rotation interval.

```
audit config -parameter <parameter> -value <value> -serial <serialnum>
```

| Parameter | Shortcut | Description |
|---|---|---|
| evmask | e | The value you want to configure for the specified parameter.<br>Valid values for the event parameter: enter a comma-separated list of events to log. In addition to specifying an event category, you must also specify the conditions under which those events are to be logged: either 'f' for failures, or 's' for successes, or both. Any or all of the following may be specified:<br>• [f]ailure: log command failures<br>• [s]uccess: log command successes<br>• [a]ccess: log access attempts (logins)<br>• [m]anage: log HSM management (init/reset/etc)<br>• [k]eymanage: key management events (key create/delete)<br>• [u]sage: key usage (enc/dec/sig/ver)<br>• fi[r]st: first key usage only (enc/dec/sig/ver)<br>• e[x]ternal: log messages from CA_LogExternal<br>• lo[g]manage: log events relating to log configuration<br>• a[l]l: log everything (user will be warned)<br>• [n]one: turn logging off<br>Note: When specifying an event class to log, you must specify whether successful or failed events are to be logged. For example, to log all key management events you would use the command "audit config e t,s,f". |
| get | g | Get (show) the current configuration. |
| interval | i | Valid values for the rotation interval parameter: enter one of the following options for the log rotation interval:<br>• hourly [@min]<br>• daily [@hour:min]<br>• weekly [@day:hour:min]<br>• monthly [@date:hour:min]<br>• never |
| path | p | Path on the HOST to which logs will be written. |
| size | s | Size limit of a log, to trigger rotation.<br>Valid values for the size parameter: enter one of the following options for the size limit:<br>• s: an integer string followed by 'k' for KB (default) or 'm' for MB<br>• n: never rotate based on size |

| Command | Description |
|---|---|
| audit config e s | audit all command successes |
| audit config e f | audit all command failures |
| audit config e u,f,s | audit all key usage requests, both success and failure |
| audit config n | log nothing |
| audit config p /usr/lunapci/log | set path |
| audit config i daily@12:05 | rotate logs daily at 12:05 |
| audit config s 4096 | rotate logs when 4MB is exceeded |
| audit config s n | never rotate based on size |

```
lunacm:> audit config e l,f,s
You have chosen to log all successful key usage events. This can result in
an extremely high volume of log messages, which will significantly degrade
the overall performance of the HSM.
Are you sure you wish to continue?
Type 'proceed' to continue, or 'quit' to quit now -> proceed
Command Result : No Error
lunacm:> audit config get
Current Logging Configuration
-----------------------------
event mask : Log everything
rotation interval : daily@0:00
rotation size (KB): never rotate
path to log :
Command Result : No Error
lunacm:>
```

Note: In the above example of output from 'audit config get', the configuration rotates the logs daily; the "never rotate" merely says "do not rotate due to size". So, from that specified configuration, you get one log each day, regardless of how big it might become.
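
A pre-flight check for the evmask, interval and size values described in the parameter table, for use in a change-control script before the values are typed into lunacm. This is an added example, not part of the product or its documentation; the function names are hypothetical, and only the single-letter shortcuts are accepted.

```python
import re

# Single-letter shortcuts from the parameter table above.
RESULTS = {"f", "s"}                           # failure / success
CLASSES = {"a", "m", "k", "u", "r", "x", "g"}  # event classes
SPECIAL = {"l", "n"}                           # all / none (assumed valid alone)

def check_evmask(value):
    """Return (ok, messages) for an evmask value such as 'u,f,s'."""
    chosen = {v.strip() for v in value.split(",")}
    unknown = sorted(chosen - RESULTS - CLASSES - SPECIAL)
    if unknown:
        return False, ["unknown event shortcut: " + ",".join(unknown)]
    if chosen & CLASSES and not chosen & RESULTS:
        return False, ["event class given without 's' and/or 'f'"]
    # The HSM warns about volume for 'l'; treating 'u' plus 's' the same
    # way is an assumption based on the wording of that warning.
    if "l" in chosen or {"u", "s"} <= chosen:
        return True, ["logs successful key usage: expect very high volume"]
    return True, []

FIELDS = {"hourly": 1, "daily": 2, "weekly": 3, "monthly": 3}

def check_interval(value):
    """True if value matches one of the rotation interval forms."""
    if value == "never":
        return True
    unit, at, when = value.partition("@")
    if unit not in FIELDS:
        return False
    if not at:
        return True  # the '@...' part is optional
    parts = when.split(":")
    if len(parts) != FIELDS[unit]:
        return False
    # Only hour and minute are range-checked; the page does not define the
    # form of the weekly day / monthly date field, so it is just non-empty.
    times = parts[-2:]
    limits = [24, 60][-len(times):]
    return all(parts) and all(
        p.isdecimal() and int(p) < n for p, n in zip(times, limits))

def size_kb(value):
    """Rotation size in KB, or None for 'n' (never rotate on size)."""
    if value == "n":
        return None
    m = re.fullmatch(r"(\d+)([km]?)", value)
    if not m:
        raise ValueError("size must be digits plus optional k/m, or 'n'")
    return int(m.group(1)) * (1024 if m.group(2) == "m" else 1)
```
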