Notes About Logging
Most of the relevant logs are managed with the syslog commands, where you set rotation and other parameters to suit your own monitoring and management schedule.
NOTE Syslog format is in accordance with RFC 5424.
The NTP logs are not included in the periodic rotations in SafeNet Luna Network HSM. Our experience is that most customers want to accumulate NTP logs in one continuous file over a long period of time. Events are sufficiently infrequent that the NTP log file won’t grow very fast, and so would never fill up the whole log directory.
Customers can delete NTP logs and other log files, using this command:
lunash:>syslog cleanup
For NTP tracking and administration, only the ntp.log file is important. Ensure that you have retrieved a copy of that file before you run syslog cleanup.
Hardware Monitoring and Logging
1.SMART technology monitors the hard disk.
2.IPMI technology monitors CPU fan speed and temperature, as well as PSU (power supply unit) voltage, fan speed and temperature.
The system logs temperature changes of 2 degrees in either direction.
HSM Alarm Logging
The HSM card produces logs pertaining to the card status, including alarm messages for events such as zeroization, tamper events, and changes to Secure Transport Mode.
To search the system logs for HSM alarm messages:
Use the following command and include the -search option to search for log messages containing the string "ALM":
lunash:>syslog tail -logname messages -entries <#_of_entries> -search ALM
For full command syntax, see syslog tail in the LunaSH Command Reference Guide.
For example, this command will display all alarm messages from the last 200000 log entries:
lunash:>syslog tail -l messages -e 200000 -search ALM
2017 Apr 17 11:00:45 local_host kern info kernel: k7pf0: [HSM] ALM2006: HSM decommissioned by FW
2017 Apr 17 11:00:48 local_host kern info kernel: k7pf0: [HSM] ALM2014: Auto-activation data invalid - HSM deactivated
2017 Apr 17 11:01:12 local_host kern info kernel: k7pf0: [HSM] ALM2006: HSM decommissioned by FW
2017 Apr 17 11:01:14 local_host kern info kernel: k7pf0: [HSM] ALM2011: HSM unlocked - tamper clear done
2017 Apr 17 11:02:47 local_host kern info kernel: k7pf0: [HSM] ALM2007: HSM zeroized
2017 Apr 17 11:02:47 local_host kern info kernel: k7pf0: [HSM] ALM2005: HSM deactivated
2017 Apr 17 11:15:32 local_host kern info kernel: k7pf0: [HSM] ALM2013: HSM recovered from secure transport mode
Command Result : 0 (Success)