Accessing Signed Audit Logs
Endi S. Dewata edited this page Oct 25, 2021 · 6 revisions
Since version 10.4.2, PKI provides a CLI that allows auditors to access the audit log files on the server.
In order to access the audit logs, the administrator needs to create a user for the auditor.
First, create a system user with user certificate authentication.
Then add the user to the Auditors group:
$ pki -n caadmin ca-group-member-add Auditors <user>
The auditor will be able to access the audit logs as follows:
$ pki -n auditor ca-audit-file-...
To list all available audit log files:
$ pki -n auditor ca-audit-file-find
-----------------
3 entries matched
-----------------
  File name: ca_audit.20170331225716
  Size: 2883

  File name: ca_audit.20170401001030
  Size: 189

  File name: ca_audit
  Size: 6705
----------------------------
Number of entries returned 3
----------------------------
To retrieve an audit log file and store it locally:
$ pki -n auditor ca-audit-file-retrieve <filename>
To retrieve an audit log file and store it in a different file:
$ pki -n auditor ca-audit-file-retrieve <filename> --output <new filename>
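To pull every listed file for offline review in one pass, the listing and retrieval commands above can be combined in a small script. This is an added example, not part of the PKI project; it assumes the auditor nickname used above, and the function names and destination directory are hypothetical.

```sh
# Added example, not part of the PKI project. Assumes the client nickname
# "auditor" used on this page; the destination directory is hypothetical.

# Print the file names found in ca-audit-file-find output read from stdin.
audit_file_names() {
    sed -n -e 's/[[:space:]]*$//' -e 's/^[[:space:]]*File name:[[:space:]]*//p'
}

# Accept only plain names such as ca_audit or ca_audit.20170331225716, so a
# value returned by the server can never point outside the destination.
is_safe_name() {
    case "$1" in
        ""|.*|*/*|*[!A-Za-z0-9._-]*) return 1 ;;
        *) return 0 ;;
    esac
}

# Retrieve every listed file into directory $1 and print each name fetched.
mirror_audit_logs() {
    dest=$1
    mkdir -p "$dest" || return 1
    pki -n auditor ca-audit-file-find | audit_file_names |
    while IFS= read -r name; do
        if is_safe_name "$name"; then
            pki -n auditor ca-audit-file-retrieve "$name" \
                --output "$dest/$name" && printf '%s\n' "$name"
        else
            printf 'skipping unexpected file name: %s\n' "$name" >&2
        fi
    done
}

# Constructed sample listing in the format shown on this page.
SAMPLE_LISTING='-----------------
3 entries matched
-----------------
  File name: ca_audit.20170331225716
  Size: 2883

  File name: ca_audit.20170401001030
  Size: 189

  File name: ca_audit
  Size: 6705
----------------------------
Number of entries returned 3
----------------------------'
# Run only when asked to, e.g.: sh mirror-audit-logs.sh --run ./audit-logs
if [ "${1:-}" = "--run" ]; then mirror_audit_logs "${2:-./audit-logs}"; fi
```

The unsuffixed ca_audit file in the listing above has no timestamp, so a copy taken now may be superseded by a later retrieval of the same name.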