audit log tarlogs

Archives log files to audit.tgz file in the user local directory.

The audit log tarlogs and untarlogs commands affect the appliance file system, and do not involve the HSM -- they are working on logs that have previously been exported from the HSM.

User Privileges

Only specialized Audit users can access audit commands.

Syntax

audit log tarlogs [-serial <serialnum>]

Argument(s) Shortcut Description
-serial <serialnum> -s

Specifies the serial number of the HSM from which you want to tar the logs. This option is required only when there are multiple attached HSMs.The default is to use the embedded HSM.

Example

lunash:>audit log tarlogs

WARNING: You will need to export the encrypted log secret 66331.lws
         by running the 'audit secret export' command in order to
         verify these logs on another HSM!

Compressing log files:

66331/
66331/ready_for_archive/
66331/ready_for_archive/hsm_66331_00000004.log
66331/ready_for_archive/hsm_66331_00000006.log
66331/ready_for_archive/hsm_66331_00000002.log
66331/ready_for_archive/hsm_66331_00000007.log
66331/ready_for_archive/hsm_66331_00000009.log
66331/ready_for_archive/hsm_66331_00000008.log
66331/ready_for_archive/hsm_66331_00000005.log
66331/ready_for_archive/hsm_66331_00000003.log
66331/hsm_66331_0000000a.log

The tar file containing logs is now available as file 'audit-66331.tgz'.
If you wish to verify your logs on another SA, scp them to another SA's audit
directory then use the 'audit log untar' command.

Command Result : 0 (Success)