|
 |
86bca3 |
diff --git a/base/ca/shared/conf/CS.cfg b/base/ca/shared/conf/CS.cfg
|
|
|
86bca3 |
index 63cb299..2d5d962 100644
|
|
|
86bca3 |
--- a/base/ca/shared/conf/CS.cfg
|
|
|
86bca3 |
+++ b/base/ca/shared/conf/CS.cfg
|
|
|
86bca3 |
@@ -911,7 +911,7 @@ log.instance.SignedAudit._007=## $ pki-server ca-audit-event-enable/disable
|
|
|
86bca3 |
log.instance.SignedAudit._008=##
|
|
|
86bca3 |
log.instance.SignedAudit.bufferSize=512
|
|
|
86bca3 |
log.instance.SignedAudit.enable=true
|
|
|
86bca3 |
-log.instance.SignedAudit.events=ACCESS_SESSION_ESTABLISH,ACCESS_SESSION_TERMINATED,AUDIT_LOG_SHUTDOWN,AUDIT_LOG_SIGNING,AUDIT_LOG_STARTUP,AUTH,AUTHORITY_CONFIG,AUTHZ,CERT_PROFILE_APPROVAL,CERT_REQUEST_PROCESSED,CERT_SIGNING_INFO,CERT_STATUS_CHANGE_REQUEST,CERT_STATUS_CHANGE_REQUEST_PROCESSED,CLIENT_ACCESS_SESSION_ESTABLISH,CLIENT_ACCESS_SESSION_TERMINATED,CMC_REQUEST_RECEIVED,CMC_RESPONSE_SENT,CMC_SIGNED_REQUEST_SIG_VERIFY,CMC_USER_SIGNED_REQUEST_SIG_VERIFY,CONFIG_ACL,CONFIG_AUTH,CONFIG_CERT_PROFILE,CONFIG_CRL_PROFILE,CONFIG_ENCRYPTION,CONFIG_ROLE,CONFIG_SERIAL_NUMBER,CONFIG_SIGNED_AUDIT,CONFIG_TRUSTED_PUBLIC_KEY,CRL_SIGNING_INFO,DELTA_CRL_GENERATION,FULL_CRL_GENERATION,KEY_GEN_ASYMMETRIC,LOG_PATH_CHANGE,OCSP_GENERATION,OCSP_SIGNING_INFO,PROFILE_CERT_REQUEST,PROOF_OF_POSSESSION,RANDOM_GENERATION,ROLE_ASSUME,SECURITY_DATA_ARCHIVAL_REQUEST,SECURITY_DOMAIN_UPDATE,SELFTESTS_EXECUTION,SERVER_SIDE_KEYGEN_REQUEST,SERVER_SIDE_KEYGEN_REQUEST_PROCESSED
|
|
|
86bca3 |
+log.instance.SignedAudit.events=ACCESS_SESSION_ESTABLISH,ACCESS_SESSION_TERMINATED,AUDIT_LOG_SIGNING,AUDIT_LOG_STARTUP,AUTH,AUTHORITY_CONFIG,AUTHZ,CERT_PROFILE_APPROVAL,CERT_REQUEST_PROCESSED,CERT_SIGNING_INFO,CERT_STATUS_CHANGE_REQUEST,CERT_STATUS_CHANGE_REQUEST_PROCESSED,CLIENT_ACCESS_SESSION_ESTABLISH,CLIENT_ACCESS_SESSION_TERMINATED,CMC_REQUEST_RECEIVED,CMC_RESPONSE_SENT,CMC_SIGNED_REQUEST_SIG_VERIFY,CMC_USER_SIGNED_REQUEST_SIG_VERIFY,CONFIG_ACL,CONFIG_AUTH,CONFIG_CERT_PROFILE,CONFIG_CRL_PROFILE,CONFIG_ENCRYPTION,CONFIG_ROLE,CONFIG_SERIAL_NUMBER,CONFIG_SIGNED_AUDIT,CONFIG_TRUSTED_PUBLIC_KEY,CRL_SIGNING_INFO,DELTA_CRL_GENERATION,FULL_CRL_GENERATION,KEY_GEN_ASYMMETRIC,LOG_PATH_CHANGE,OCSP_GENERATION,OCSP_SIGNING_INFO,PROFILE_CERT_REQUEST,PROOF_OF_POSSESSION,RANDOM_GENERATION,ROLE_ASSUME,SCHEDULE_CRL_GENERATION,SECURITY_DOMAIN_UPDATE,SELFTESTS_EXECUTION,SERVER_SIDE_KEYGEN_REQUEST,SERVER_SIDE_KEYGEN_REQUEST_PROCESSED
|
|
|
86bca3 |
log.instance.SignedAudit.filters.CMC_SIGNED_REQUEST_SIG_VERIFY=(Outcome=Failure)
|
|
|
86bca3 |
log.instance.SignedAudit.filters.CMC_USER_SIGNED_REQUEST_SIG_VERIFY=(Outcome=Failure)
|
|
|
86bca3 |
log.instance.SignedAudit.filters.DELTA_CRL_GENERATION=(Outcome=Failure)
|
|
|
86bca3 |
diff --git a/base/java-tools/man/man1/PKICertImport.1 b/base/java-tools/man/man1/PKICertImport.1
|
|
|
86bca3 |
new file mode 100644
|
|
|
86bca3 |
index 0000000..c1bd6e3
|
|
|
86bca3 |
--- /dev/null
|
|
|
86bca3 |
+++ b/base/java-tools/man/man1/PKICertImport.1
|
|
|
86bca3 |
@@ -0,0 +1,74 @@
|
|
|
86bca3 |
+.\" First parameter, NAME, should be all caps
|
|
|
86bca3 |
+.\" Second parameter, SECTION, should be 1-8, maybe w/ subsection
|
|
|
86bca3 |
+.\" other parameters are allowed: see man(7), man(1)
|
|
|
86bca3 |
+.TH PKICertImport 1 "Jan 30, 2019" "version 10.6" "PKI certificate import tool" Dogtag Team
|
|
|
86bca3 |
+.\" Please adjust this date whenever revising the man page.
|
|
|
86bca3 |
+.\"
|
|
|
86bca3 |
+.\" Some roff macros, for reference:
|
|
|
86bca3 |
+.\" .nh disable hyphenation
|
|
|
86bca3 |
+.\" .hy enable hyphenation
|
|
|
86bca3 |
+.\" .ad l left justify
|
|
|
86bca3 |
+.\" .ad b justify to both left and right margins
|
|
|
86bca3 |
+.\" .nf disable filling
|
|
|
86bca3 |
+.\" .fi enable filling
|
|
|
86bca3 |
+.\" .br insert line break
|
|
|
86bca3 |
+.\" .sp <n> insert n+1 empty lines
|
|
|
86bca3 |
+.\" for man page specific macros, see man(7)
|
|
|
86bca3 |
+.SH NAME
|
|
|
86bca3 |
+PKICertImport \- Used to safely validate and import certificates into the NSS database.
|
|
|
86bca3 |
+
|
|
|
86bca3 |
+.SH SYNOPSIS
|
|
|
86bca3 |
+.PP
|
|
|
86bca3 |
+\fBUsage: PKICertImport -d <location of nssdb> -i <location of certificate> -n <nickname for certificate> -t <trust flags> -u <usage flags> [-h <hardware token name>] [-f <password file>] [-a]\fP
|
|
|
86bca3 |
+
|
|
|
86bca3 |
+Validate and import a certificate into the specified NSS database. Verifies signature, trust chain, trust, and usage flags. If a certificate is not valid, it will not be added to the NSS DB or specified hardware token.
|
|
|
86bca3 |
+
|
|
|
86bca3 |
+.SH DESCRIPTION
|
|
|
86bca3 |
+.PP
|
|
|
86bca3 |
+The certificate import utility validates signature, trust chain, trust, and usage flags before importing a certificate into the specified NSS database. This ensures that no certificate is used before its authenticity has been verified. Unlike \fBcertutil\fP, only one invocation is necessary to both validate and import certificates.
|
|
|
86bca3 |
+.PP
|
|
|
86bca3 |
+See \fBcertutil\fP for more information about the parameters to \fBPKICertImport\fP.
|
|
|
86bca3 |
+
|
|
|
86bca3 |
+.SH OPTIONS
|
|
|
86bca3 |
+.PP
|
|
|
86bca3 |
+\fBPKICertImport\fP parameters:
|
|
|
86bca3 |
+.PP
|
|
|
86bca3 |
+.TP
|
|
|
86bca3 |
+.B --ascii, -a
|
|
|
86bca3 |
+The certificate is encoded in ASCII (PEM) format instead of binary format. Optional.
|
|
|
86bca3 |
+
|
|
|
86bca3 |
+.TP
|
|
|
86bca3 |
+.B --database, -d <location of NSS db>
|
|
|
86bca3 |
+The directory containing the NSS database. This is usually the client's personal directory. Required.
|
|
|
86bca3 |
+
|
|
|
86bca3 |
+.TP
|
|
|
86bca3 |
+.B --password, -f <location of password file>
|
|
|
86bca3 |
+The path to a file containing the password to the NSS database. Optional.
|
|
|
86bca3 |
+
|
|
|
86bca3 |
+.TP
|
|
|
86bca3 |
+.B --hsm, -h <hardware token name>
|
|
|
86bca3 |
+Name of the token. By default it takes 'internal'. Optional.
|
|
|
86bca3 |
+
|
|
|
86bca3 |
+.TP
|
|
|
86bca3 |
+.B --certificate, -i <location of certificate>
|
|
|
86bca3 |
+Path to the certificate to import. Required.
|
|
|
86bca3 |
+
|
|
|
86bca3 |
+.TP
|
|
|
86bca3 |
+.B --nickname, -n <nickname for the certificate>
|
|
|
86bca3 |
+Nickname for the certificate in the NSS DB. Required.
|
|
|
86bca3 |
+
|
|
|
86bca3 |
+.TP
|
|
|
86bca3 |
+.B --trust, -t <NSS trust flags>
|
|
|
86bca3 |
+Trust flags for the certificate. See \fBcertutil\fP for more information about the available trust flags. Required.
|
|
|
86bca3 |
+
|
|
|
86bca3 |
+.TP
|
|
|
86bca3 |
+.B --usage, -u <NSS usage flags>
|
|
|
86bca3 |
+Usage to validate the certificate against. See \fBcertutil\fP for more information about available usage flags. Required.
|
|
|
86bca3 |
+
|
|
|
86bca3 |
+.SH AUTHORS
|
|
|
86bca3 |
+Alexander Scheel <ascheel@redhat.com>.
|
|
|
86bca3 |
+
|
|
|
86bca3 |
+.SH COPYRIGHT
|
|
|
86bca3 |
+Copyright (c) 2019 Red Hat, Inc. This is licensed under the GNU General Public
|
|
|
86bca3 |
+License, version 2 (GPLv2). A copy of this license is available at
|
|
|
86bca3 |
+http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt.
|
|
|
86bca3 |
diff --git a/base/kra/shared/conf/CS.cfg b/base/kra/shared/conf/CS.cfg
|
|
|
86bca3 |
index 8bfb0fb..f21f305 100644
|
|
|
86bca3 |
--- a/base/kra/shared/conf/CS.cfg
|
|
|
86bca3 |
+++ b/base/kra/shared/conf/CS.cfg
|
|
|
86bca3 |
@@ -306,7 +306,7 @@ log.instance.SignedAudit._007=## $ pki-server kra-audit-event-enable/disable
|
|
|
86bca3 |
log.instance.SignedAudit._008=##
|
|
|
86bca3 |
log.instance.SignedAudit.bufferSize=512
|
|
|
86bca3 |
log.instance.SignedAudit.enable=true
|
|
|
86bca3 |
-log.instance.SignedAudit.events=ACCESS_SESSION_ESTABLISH,ACCESS_SESSION_TERMINATED,ASYMKEY_GENERATION_REQUEST,ASYMKEY_GENERATION_REQUEST_PROCESSED,AUDIT_LOG_SHUTDOWN,AUDIT_LOG_SIGNING,AUDIT_LOG_STARTUP,AUTH,AUTHZ,CLIENT_ACCESS_SESSION_ESTABLISH,CLIENT_ACCESS_SESSION_TERMINATED,CONFIG_ACL,CONFIG_AUTH,CONFIG_DRM,CONFIG_ENCRYPTION,CONFIG_ROLE,CONFIG_SERIAL_NUMBER,CONFIG_SIGNED_AUDIT,CONFIG_TRUSTED_PUBLIC_KEY,KEY_GEN_ASYMMETRIC,LOG_PATH_CHANGE,RANDOM_GENERATION,ROLE_ASSUME,SECURITY_DATA_ARCHIVAL_REQUEST,SECURITY_DATA_ARCHIVAL_REQUEST_PROCESSED,SECURITY_DATA_RECOVERY_REQUEST,SECURITY_DATA_RECOVERY_REQUEST_PROCESSED,SECURITY_DATA_RECOVERY_REQUEST_STATE_CHANGE,SELFTESTS_EXECUTION,SERVER_SIDE_KEYGEN_REQUEST,SERVER_SIDE_KEYGEN_REQUEST_PROCESSED,SYMKEY_GENERATION_REQUEST,SYMKEY_GENERATION_REQUEST_PROCESSED
|
|
|
86bca3 |
+log.instance.SignedAudit.events=ACCESS_SESSION_ESTABLISH,ACCESS_SESSION_TERMINATED,ASYMKEY_GENERATION_REQUEST,ASYMKEY_GENERATION_REQUEST_PROCESSED,AUDIT_LOG_SIGNING,AUDIT_LOG_STARTUP,AUTH,AUTHZ,CLIENT_ACCESS_SESSION_ESTABLISH,CLIENT_ACCESS_SESSION_TERMINATED,CONFIG_ACL,CONFIG_AUTH,CONFIG_DRM,CONFIG_ENCRYPTION,CONFIG_ROLE,CONFIG_SERIAL_NUMBER,CONFIG_SIGNED_AUDIT,CONFIG_TRUSTED_PUBLIC_KEY,KEY_GEN_ASYMMETRIC,LOG_PATH_CHANGE,RANDOM_GENERATION,ROLE_ASSUME,SCHEDULE_CRL_GENERATION,SECURITY_DATA_ARCHIVAL_REQUEST,SECURITY_DATA_ARCHIVAL_REQUEST_PROCESSED,SECURITY_DATA_RECOVERY_REQUEST,SECURITY_DATA_RECOVERY_REQUEST_PROCESSED,SECURITY_DATA_RECOVERY_REQUEST_STATE_CHANGE,SELFTESTS_EXECUTION,SERVER_SIDE_KEYGEN_REQUEST,SERVER_SIDE_KEYGEN_REQUEST_PROCESSED,SYMKEY_GENERATION_REQUEST,SYMKEY_GENERATION_REQUEST_PROCESSED
|
|
|
86bca3 |
log.instance.SignedAudit.filters.ASYMKEY_GENERATION_REQUEST=(Outcome=Failure)
|
|
|
86bca3 |
log.instance.SignedAudit.filters.ASYMKEY_GENERATION_REQUEST_PROCESSED=(Outcome=Failure)
|
|
|
86bca3 |
log.instance.SignedAudit.filters.KEY_GEN_ASYMMETRIC=(Outcome=Failure)
|
|
|
86bca3 |
diff --git a/base/ocsp/shared/conf/CS.cfg b/base/ocsp/shared/conf/CS.cfg
|
|
|
86bca3 |
index 2fd546a..4c584e9 100644
|
|
|
86bca3 |
--- a/base/ocsp/shared/conf/CS.cfg
|
|
|
86bca3 |
+++ b/base/ocsp/shared/conf/CS.cfg
|
|
|
86bca3 |
@@ -222,7 +222,7 @@ log.instance.SignedAudit._007=## $ pki-server ocsp-audit-event-enable/disable
|
|
|
86bca3 |
log.instance.SignedAudit._008=##
|
|
|
86bca3 |
log.instance.SignedAudit.bufferSize=512
|
|
|
86bca3 |
log.instance.SignedAudit.enable=true
|
|
|
86bca3 |
-log.instance.SignedAudit.events=ACCESS_SESSION_ESTABLISH,ACCESS_SESSION_TERMINATED,AUDIT_LOG_SHUTDOWN,AUDIT_LOG_SIGNING,AUDIT_LOG_STARTUP,AUTH,AUTHZ,CLIENT_ACCESS_SESSION_ESTABLISH,CLIENT_ACCESS_SESSION_TERMINATED,CONFIG_ACL,CONFIG_AUTH,CONFIG_ENCRYPTION,CONFIG_OCSP_PROFILE,CONFIG_ROLE,CONFIG_SIGNED_AUDIT,CONFIG_TRUSTED_PUBLIC_KEY,KEY_GEN_ASYMMETRIC,LOG_PATH_CHANGE,OCSP_ADD_CA_REQUEST_PROCESSED,OCSP_GENERATION,OCSP_REMOVE_CA_REQUEST_PROCESSED,OCSP_SIGNING_INFO,RANDOM_GENERATION,ROLE_ASSUME,SELFTESTS_EXECUTION,SERVER_SIDE_KEYGEN_REQUEST,SERVER_SIDE_KEYGEN_REQUEST_PROCESSED
|
|
|
86bca3 |
+log.instance.SignedAudit.events=ACCESS_SESSION_ESTABLISH,ACCESS_SESSION_TERMINATED,AUDIT_LOG_SIGNING,AUDIT_LOG_STARTUP,AUTH,AUTHZ,CLIENT_ACCESS_SESSION_ESTABLISH,CLIENT_ACCESS_SESSION_TERMINATED,CONFIG_ACL,CONFIG_AUTH,CONFIG_ENCRYPTION,CONFIG_OCSP_PROFILE,CONFIG_ROLE,CONFIG_SIGNED_AUDIT,CONFIG_TRUSTED_PUBLIC_KEY,KEY_GEN_ASYMMETRIC,LOG_PATH_CHANGE,OCSP_ADD_CA_REQUEST_PROCESSED,OCSP_GENERATION,OCSP_REMOVE_CA_REQUEST_PROCESSED,OCSP_SIGNING_INFO,RANDOM_GENERATION,ROLE_ASSUME,SCHEDULE_CRL_GENERATION,SELFTESTS_EXECUTION,SERVER_SIDE_KEYGEN_REQUEST,SERVER_SIDE_KEYGEN_REQUEST_PROCESSED
|
|
|
86bca3 |
log.instance.SignedAudit.filters.RANDOM_GENERATION=(Outcome=Failure)
|
|
|
86bca3 |
log.instance.SignedAudit.expirationTime=0
|
|
|
86bca3 |
log.instance.SignedAudit.fileName=[PKI_INSTANCE_PATH]/logs/[PKI_SUBSYSTEM_TYPE]/signedAudit/ocsp_cert-ocsp_audit
|
|
|
86bca3 |
diff --git a/base/server/cms/src/com/netscape/cms/logging/LogFile.java b/base/server/cms/src/com/netscape/cms/logging/LogFile.java
|
|
|
86bca3 |
index 564f1bb..780ca01 100644
|
|
|
86bca3 |
--- a/base/server/cms/src/com/netscape/cms/logging/LogFile.java
|
|
|
86bca3 |
+++ b/base/server/cms/src/com/netscape/cms/logging/LogFile.java
|
|
|
86bca3 |
@@ -870,7 +870,7 @@ public class LogFile implements ILogEventListener, IExtendedPluginInfo {
|
|
|
86bca3 |
*
|
|
|
86bca3 |
*
|
|
|
86bca3 |
*
|
|
|
86bca3 |
- * signed.audit LOGGING_SIGNED_AUDIT_AUDIT_LOG_SHUTDOWN used at audit function shutdown
|
|
|
86bca3 |
+ * signed.audit AUDIT_LOG_SHUTDOWN used at audit function shutdown
|
|
|
86bca3 |
*
|
|
|
86bca3 |
*/
|
|
|
86bca3 |
public synchronized void shutdown() {
|
|
|
86bca3 |
diff --git a/base/server/cmsbundle/src/audit-events.properties b/base/server/cmsbundle/src/audit-events.properties
|
|
|
86bca3 |
index ddc278e..64548da 100644
|
|
|
86bca3 |
--- a/base/server/cmsbundle/src/audit-events.properties
|
|
|
86bca3 |
+++ b/base/server/cmsbundle/src/audit-events.properties
|
|
|
86bca3 |
@@ -8,1286 +8,1758 @@
|
|
|
86bca3 |
#
|
|
|
86bca3 |
# Event: <event type>
|
|
|
86bca3 |
# Description: <event description>
|
|
|
86bca3 |
+# <use 2 spaces to indent long description>
|
|
|
86bca3 |
# Applicable subsystems: <comma-separated list of subsystems>
|
|
|
86bca3 |
# Enabled by default: <Yes|No>
|
|
|
86bca3 |
# Fields:
|
|
|
86bca3 |
# - <field name>: <field description>
|
|
|
86bca3 |
+# <use 2 spaces to indent long description>
|
|
|
86bca3 |
#
|
|
|
86bca3 |
# Note: In the actual event definition there should be exactly 1 space
|
|
|
86bca3 |
# after the # sign.
|
|
|
86bca3 |
#
|
|
|
86bca3 |
# Common fields:
|
|
|
86bca3 |
-# - Outcome: must be "success" or "failure"
|
|
|
86bca3 |
-# - SubjectID: must be the UID of the user responsible for the operation
|
|
|
86bca3 |
-# "$System$" if system-initiated operation (e.g. log signing)
|
|
|
86bca3 |
+# - Outcome: "Success" or "Failure"
|
|
|
86bca3 |
+# - SubjectID: The UID of the user responsible for the operation
|
|
|
86bca3 |
+# "$System$" or "SYSTEM" if system-initiated operation (e.g. log signing).
|
|
|
86bca3 |
#
|
|
|
86bca3 |
#########################################################################
|
|
|
86bca3 |
-# Selectable Signed Audit Events
|
|
|
86bca3 |
+# Required Audit Events
|
|
|
86bca3 |
+#
|
|
|
86bca3 |
+# Event: ACCESS_SESSION_ESTABLISH with [Outcome=Failure]
|
|
|
86bca3 |
+# Description: This event is used when access session failed to establish.
|
|
|
86bca3 |
+# Applicable subsystems: CA, KRA, OCSP, TKS, TPS
|
|
|
86bca3 |
+# Enabled by default: Yes
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - ClientIP: Client IP address.
|
|
|
86bca3 |
+# - ServerIP: Server IP address.
|
|
|
86bca3 |
+# - SubjectID: Client certificate subject DN.
|
|
|
86bca3 |
+# - Outcome: Failure
|
|
|
86bca3 |
+# - Info: Failure reason.
|
|
|
86bca3 |
+#
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_ACCESS_SESSION_ESTABLISH_FAILURE=\
|
|
|
86bca3 |
+<type=ACCESS_SESSION_ESTABLISH>:[AuditEvent=ACCESS_SESSION_ESTABLISH]{0} access session establish failure
|
|
|
86bca3 |
+#
|
|
|
86bca3 |
+# Event: ACCESS_SESSION_ESTABLISH with [Outcome=Success]
|
|
|
86bca3 |
+# Description: This event is used when access session was established successfully.
|
|
|
86bca3 |
+# Applicable subsystems: CA, KRA, OCSP, TKS, TPS
|
|
|
86bca3 |
+# Enabled by default: Yes
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - ClientIP: Client IP address.
|
|
|
86bca3 |
+# - ServerIP: Server IP address.
|
|
|
86bca3 |
+# - SubjectID: Client certificate subject DN.
|
|
|
86bca3 |
+# - Outcome: Success
|
|
|
86bca3 |
+#
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_ACCESS_SESSION_ESTABLISH_SUCCESS=\
|
|
|
86bca3 |
+<type=ACCESS_SESSION_ESTABLISH>:[AuditEvent=ACCESS_SESSION_ESTABLISH]{0} access session establish success
|
|
|
86bca3 |
+#
|
|
|
86bca3 |
+# Event: ACCESS_SESSION_TERMINATED
|
|
|
86bca3 |
+# Description: This event is used when access session was terminated.
|
|
|
86bca3 |
+# Applicable subsystems: CA, KRA, OCSP, TKS, TPS
|
|
|
86bca3 |
+# Enabled by default: Yes
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - ClientIP: Client IP address.
|
|
|
86bca3 |
+# - ServerIP: Server IP address.
|
|
|
86bca3 |
+# - SubjectID: Client certificate subject DN.
|
|
|
86bca3 |
+# - Info: The TLS Alert received from NSS
|
|
|
86bca3 |
+# - Outcome: Success
|
|
|
86bca3 |
+# - Info: The TLS Alert received from NSS
|
|
|
86bca3 |
+#
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_ACCESS_SESSION_TERMINATED=\
|
|
|
86bca3 |
+<type=ACCESS_SESSION_TERMINATED>:[AuditEvent=ACCESS_SESSION_TERMINATED]{0} access session terminated
|
|
|
86bca3 |
+#
|
|
|
86bca3 |
+# Event: AUDIT_LOG_SIGNING
|
|
|
86bca3 |
+# Description: This event is used when a signature on the audit log is generated (same as "flush" time).
|
|
|
86bca3 |
+# Applicable subsystems: CA, KRA, OCSP, TKS, TPS
|
|
|
86bca3 |
+# Enabled by default: Yes
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID: Predefined to be "$System$" because this operation
|
|
|
86bca3 |
+# associates with no user.
|
|
|
86bca3 |
+# - Outcome: Success
|
|
|
86bca3 |
+# - sig: The base-64 encoded signature of the buffer just flushed.
|
|
|
86bca3 |
+#
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_AUDIT_LOG_SIGNING_3=[AuditEvent=AUDIT_LOG_SIGNING][SubjectID={0}][Outcome={1}] signature of audit buffer just flushed: sig: {2}
|
|
|
86bca3 |
#
|
|
|
86bca3 |
# Event: AUDIT_LOG_STARTUP
|
|
|
86bca3 |
-# - used at audit function startup
|
|
|
86bca3 |
+# Description: This event is used at audit function startup.
|
|
|
86bca3 |
# Applicable subsystems: CA, KRA, OCSP, TKS, TPS
|
|
|
86bca3 |
# Enabled by default: Yes
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID: $System$
|
|
|
86bca3 |
+# - Outcome:
|
|
|
86bca3 |
#
|
|
|
86bca3 |
LOGGING_SIGNED_AUDIT_AUDIT_LOG_STARTUP_2=<type=AUDIT_LOG_STARTUP>:[AuditEvent=AUDIT_LOG_STARTUP][SubjectID={0}][Outcome={1}] audit function startup
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-# Event: AUDIT_LOG_SHUTDOWN
|
|
|
86bca3 |
-# - used at audit function shutdown
|
|
|
86bca3 |
+# Event: AUTH with [Outcome=Failure]
|
|
|
86bca3 |
+# Description: This event is used when authentication fails.
|
|
|
86bca3 |
+# In case of SSL-client auth, only webserver env can pick up the SSL violation.
|
|
|
86bca3 |
+# CS authMgr can pick up certificate mismatch, so this event is used.
|
|
|
86bca3 |
# Applicable subsystems: CA, KRA, OCSP, TKS, TPS
|
|
|
86bca3 |
# Enabled by default: Yes
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID:
|
|
|
86bca3 |
+# - Outcome: Failure
|
|
|
86bca3 |
+# (obviously, if authentication failed, you won't have a valid SubjectID, so
|
|
|
86bca3 |
+# in this case, SubjectID should be $Unidentified$)
|
|
|
86bca3 |
+# - AuthMgr: The authentication manager instance name that did
|
|
|
86bca3 |
+# this authentication.
|
|
|
86bca3 |
+# - AttemptedCred: The credential attempted and failed.
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_AUDIT_LOG_SHUTDOWN_2=<type=AUDIT_LOG_SHUTDOWN>:[AuditEvent=AUDIT_LOG_SHUTDOWN][SubjectID={0}][Outcome={1}] audit function shutdown
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_AUTH_FAIL=<type=AUTH>:[AuditEvent=AUTH]{0} authentication failure
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-# Event: CIMC_CERT_VERIFICATION
|
|
|
86bca3 |
-# - used for verifying CIMC system certificates
|
|
|
86bca3 |
+# Event: AUTH with [Outcome=Success]
|
|
|
86bca3 |
+# Description: This event is used when authentication succeeded.
|
|
|
86bca3 |
# Applicable subsystems: CA, KRA, OCSP, TKS, TPS
|
|
|
86bca3 |
-# Enabled by default: No
|
|
|
86bca3 |
-# - CertNickName is the cert nickname
|
|
|
86bca3 |
+# Enabled by default: Yes
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID: id of user who has been authenticated
|
|
|
86bca3 |
+# - Outcome: Success
|
|
|
86bca3 |
+# - AuthMgr: The authentication manager instance name that did
|
|
|
86bca3 |
+# this authentication.
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_CIMC_CERT_VERIFICATION_3=<type=CIMC_CERT_VERIFICATION>:[AuditEvent=CIMC_CERT_VERIFICATION][SubjectID={0}][Outcome={1}][CertNickName={2}] CIMC certificate verification
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_AUTH_SUCCESS=<type=AUTH>:[AuditEvent=AUTH]{0} authentication success
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-# Event: ROLE_ASSUME
|
|
|
86bca3 |
-# - used when user assumes a role (in current CS that's when one accesses a
|
|
|
86bca3 |
-# role port)
|
|
|
86bca3 |
+# Event: AUTHZ with [Outcome=Failure]
|
|
|
86bca3 |
+# Description: This event is used when authorization has failed.
|
|
|
86bca3 |
# Applicable subsystems: CA, KRA, OCSP, TKS, TPS
|
|
|
86bca3 |
# Enabled by default: Yes
|
|
|
86bca3 |
-# Role must be be one of the valid roles, by default: "Administrators",
|
|
|
86bca3 |
-# "Certificate Manager Agents", and "Auditors"
|
|
|
86bca3 |
-# note that customized role names can be used once configured
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID: id of user who has failed to be authorized for an action
|
|
|
86bca3 |
+# - Outcome: Failure
|
|
|
86bca3 |
+# - aclResource: The ACL resource ID as defined in ACL resource list.
|
|
|
86bca3 |
+# - Op: One of the operations as defined with the ACL statement
|
|
|
86bca3 |
+# e.g. "read" for an ACL statement containing "(read,write)".
|
|
|
86bca3 |
+# - Info:
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_ROLE_ASSUME=<type=ROLE_ASSUME>:[AuditEvent=ROLE_ASSUME]{0} assume privileged role
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_AUTHZ_FAIL=<type=AUTHZ>:[AuditEvent=AUTHZ]{0} authorization failure
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-# Event: CONFIG_CERT_POLICY
|
|
|
86bca3 |
-# - used when configuring certificate policy constraints and extensions
|
|
|
86bca3 |
-# Applicable subsystems: CA
|
|
|
86bca3 |
-# Enabled by default: No
|
|
|
86bca3 |
-# ParamNameValPairs must be a name;;value pair
|
|
|
86bca3 |
-# (where name and value are separated by the delimiter ;;)
|
|
|
86bca3 |
-# separated by + (if more than one name;;value pair) of config params changed
|
|
|
86bca3 |
+# Event: AUTHZ with [Outcome=Success]
|
|
|
86bca3 |
+# Description: This event is used when authorization is successful.
|
|
|
86bca3 |
+# Applicable subsystems: CA, KRA, OCSP, TKS, TPS
|
|
|
86bca3 |
+# Enabled by default: Yes
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID: id of user who has been authorized for an action
|
|
|
86bca3 |
+# - Outcome: Success
|
|
|
86bca3 |
+# - aclResource: The ACL resource ID as defined in ACL resource list.
|
|
|
86bca3 |
+# - Op: One of the operations as defined with the ACL statement
|
|
|
86bca3 |
+# e.g. "read" for an ACL statement containing "(read,write)".
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY_3=<type=CONFIG_CERT_POLICY>:[AuditEvent=CONFIG_CERT_POLICY][SubjectID={0}][Outcome={1}][ParamNameValPairs={2}] certificate policy constraint or extension configuration parameter(s) change
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_AUTHZ_SUCCESS=<type=AUTHZ>:[AuditEvent=AUTHZ]{0} authorization success
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-# Event: CONFIG_CERT_PROFILE
|
|
|
86bca3 |
-# - used when configuring certificate profile
|
|
|
86bca3 |
-# (general settings and certificate profile)
|
|
|
86bca3 |
-# (extensions and constraints policies are to be obsoleted but do it anyway)
|
|
|
86bca3 |
+# Event: CERT_PROFILE_APPROVAL
|
|
|
86bca3 |
+# Description: This event is used when an agent approves/disapproves a certificate profile set by the
|
|
|
86bca3 |
+# administrator for automatic approval.
|
|
|
86bca3 |
# Applicable subsystems: CA
|
|
|
86bca3 |
# Enabled by default: Yes
|
|
|
86bca3 |
-# ParamNameValPairs must be a name;;value pair
|
|
|
86bca3 |
-# (where name and value are separated by the delimiter ;;)
|
|
|
86bca3 |
-# separated by + (if more than one name;;value pair) of config params changed
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID: id of the CA agent who approved the certificate enrollment profile
|
|
|
86bca3 |
+# - Outcome:
|
|
|
86bca3 |
+# - ProfileID: One of the profiles defined by the administrator
|
|
|
86bca3 |
+# and to be approved by an agent.
|
|
|
86bca3 |
+# - Op: "approve" or "disapprove".
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE_3=<type=CONFIG_CERT_PROFILE>:[AuditEvent=CONFIG_CERT_PROFILE][SubjectID={0}][Outcome={1}][ParamNameValPairs={2}] certificate profile configuration parameter(s) change
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_CERT_PROFILE_APPROVAL_4=<type=CERT_PROFILE_APPROVAL>:[AuditEvent=CERT_PROFILE_APPROVAL][SubjectID={0}][Outcome={1}][ProfileID={2}][Op={3}] certificate profile approval
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-# Event: CONFIG_CRL_PROFILE
|
|
|
86bca3 |
-# - used when configuring CRL profile
|
|
|
86bca3 |
-# (extensions, frequency, CRL format)
|
|
|
86bca3 |
+# Event: CERT_REQUEST_PROCESSED
|
|
|
86bca3 |
+# Description: This event is used when certificate request has just been through the approval process.
|
|
|
86bca3 |
# Applicable subsystems: CA
|
|
|
86bca3 |
# Enabled by default: Yes
|
|
|
86bca3 |
-# ParamNameValPairs must be a name;;value pair
|
|
|
86bca3 |
-# (where name and value are separated by the delimiter ;;)
|
|
|
86bca3 |
-# separated by + (if more than one name;;value pair) of config params changed
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID: The UID of the agent who approves, rejects, or cancels
|
|
|
86bca3 |
+# the certificate request.
|
|
|
86bca3 |
+# - Outcome:
|
|
|
86bca3 |
+# - ReqID: The request ID.
|
|
|
86bca3 |
+# - InfoName: "certificate" (in case of approval), "rejectReason"
|
|
|
86bca3 |
+# (in case of reject), or "cancelReason" (in case of cancel)
|
|
|
86bca3 |
+# - InfoValue: The certificate (in case of success), a reject reason in
|
|
|
86bca3 |
+# text, or a cancel reason in text.
|
|
|
86bca3 |
+# - CertSerialNum:
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE_3=<type=CONFIG_CRL_PROFILE>:[AuditEvent=CONFIG_CRL_PROFILE][SubjectID={0}][Outcome={1}][ParamNameValPairs={2}] CRL profile configuration parameter(s) change
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_CERT_REQUEST_PROCESSED=<type=CERT_REQUEST_PROCESSED>:[AuditEvent=CERT_REQUEST_PROCESSED]{0} certificate request processed
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-# Event: CONFIG_OCSP_PROFILE
|
|
|
86bca3 |
-# - used when configuring OCSP profile
|
|
|
86bca3 |
-# (everything under Online Certificate Status Manager)
|
|
|
86bca3 |
-# Applicable subsystems: OCSP
|
|
|
86bca3 |
+# Event: CERT_SIGNING_INFO
|
|
|
86bca3 |
+# Description: This event indicates which key is used to sign certificates.
|
|
|
86bca3 |
+# Applicable subsystems: CA
|
|
|
86bca3 |
# Enabled by default: Yes
|
|
|
86bca3 |
-# ParamNameValPairs must be a name;;value pair
|
|
|
86bca3 |
-# (where name and value are separated by the delimiter ;;)
|
|
|
86bca3 |
-# separated by + (if more than one name;;value pair) of config params changed
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID: $System$
|
|
|
86bca3 |
+# - Outcome: Success
|
|
|
86bca3 |
+# - SKI: Subject Key Identifier of the certificate signing certificate
|
|
|
86bca3 |
+# - AuthorityID: (applicable only to lightweight CA)
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_CONFIG_OCSP_PROFILE_3=<type=CONFIG_OCSP_PROFILE>:[AuditEvent=CONFIG_OCSP_PROFILE][SubjectID={0}][Outcome={1}][ParamNameValPairs={2}] OCSP profile configuration parameter(s) change
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_CERT_SIGNING_INFO=<type=CERT_SIGNING_INFO>:[AuditEvent=CERT_SIGNING_INFO]{0} certificate signing info
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-# Event: CONFIG_AUTH
|
|
|
86bca3 |
-# - used when configuring authentication
|
|
|
86bca3 |
-# Applicable subsystems: CA, KRA, OCSP, TKS, TPS
|
|
|
86bca3 |
+# Event: CERT_STATUS_CHANGE_REQUEST
|
|
|
86bca3 |
+# Description: This event is used when a certificate status change request (e.g. revocation)
|
|
|
86bca3 |
+# is made (before approval process).
|
|
|
86bca3 |
+# Applicable subsystems: CA
|
|
|
86bca3 |
# Enabled by default: Yes
|
|
|
86bca3 |
-# ParamNameValPairs must be a name;;value pair
|
|
|
86bca3 |
-# (where name and value are separated by the delimiter ;;)
|
|
|
86bca3 |
-# separated by + (if more than one name;;value pair) of config params changed
|
|
|
86bca3 |
-# --- Password MUST NOT be logged ---
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID: id of uer who performed the action
|
|
|
86bca3 |
+# - Outcome:
|
|
|
86bca3 |
+# - ReqID: The request ID.
|
|
|
86bca3 |
+# - CertSerialNum: The serial number (in hex) of the certificate to be revoked.
|
|
|
86bca3 |
+# - RequestType: "revoke", "on-hold", "off-hold"
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_CONFIG_AUTH_3=<type=CONFIG_AUTH>:[AuditEvent=CONFIG_AUTH][SubjectID={0}][Outcome={1}][ParamNameValPairs={2}] authentication configuration parameter(s) change
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST=<type=CERT_STATUS_CHANGE_REQUEST>:[AuditEvent=CERT_STATUS_CHANGE_REQUEST]{0} certificate revocation/unrevocation request made
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-# Event: CONFIG_ROLE
|
|
|
86bca3 |
-# - used when configuring role information (anything under users/groups)
|
|
|
86bca3 |
-# add/remove/edit a role, etc)
|
|
|
86bca3 |
-# Applicable subsystems: CA, KRA, OCSP, TKS, TPS
|
|
|
86bca3 |
+# Event: CERT_STATUS_CHANGE_REQUEST_PROCESSED
|
|
|
86bca3 |
+# Description: This event is used when certificate status is changed (revoked, expired, on-hold,
|
|
|
86bca3 |
+# off-hold).
|
|
|
86bca3 |
+# Applicable subsystems: CA
|
|
|
86bca3 |
# Enabled by default: Yes
|
|
|
86bca3 |
-# ParamNameValPairs must be a name;;value pair
|
|
|
86bca3 |
-# (where name and value are separated by the delimiter ;;)
|
|
|
86bca3 |
-# separated by + (if more than one name;;value pair) of config params changed
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID: The UID of the agent that processed the request.
|
|
|
86bca3 |
+# - Outcome:
|
|
|
86bca3 |
+# - ReqID: The request ID.
|
|
|
86bca3 |
+# - RequestType: "revoke", "on-hold", "off-hold"
|
|
|
86bca3 |
+# - Approval: "complete", "rejected", or "canceled"
|
|
|
86bca3 |
+# (note that "complete" means "approved")
|
|
|
86bca3 |
+# - CertSerialNum: The serial number (in hex).
|
|
|
86bca3 |
+# - RevokeReasonNum: One of the following number:
|
|
|
86bca3 |
+# reason number reason
|
|
|
86bca3 |
+# --------------------------------------
|
|
|
86bca3 |
+# 0 Unspecified
|
|
|
86bca3 |
+# 1 Key compromised
|
|
|
86bca3 |
+# 2 CA key compromised (should not be used)
|
|
|
86bca3 |
+# 3 Affiliation changed
|
|
|
86bca3 |
+# 4 Certificate superceded
|
|
|
86bca3 |
+# 5 Cessation of operation
|
|
|
86bca3 |
+# 6 Certificate is on-hold
|
|
|
86bca3 |
+# - Info:
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_CONFIG_ROLE=<type=CONFIG_ROLE>:[AuditEvent=CONFIG_ROLE]{0} role configuration parameter(s) change
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST_PROCESSED=<type=CERT_STATUS_CHANGE_REQUEST_PROCESSED>:[AuditEvent=CERT_STATUS_CHANGE_REQUEST_PROCESSED]{0} certificate status change request processed
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-# Event: CONFIG_ACL
|
|
|
86bca3 |
-# - used when configuring ACL information
|
|
|
86bca3 |
+# Event: CLIENT_ACCESS_SESSION_ESTABLISH with [Outcome=Failure]
|
|
|
86bca3 |
+# Description: This event is when access session failed to establish when Certificate System acts as client.
|
|
|
86bca3 |
# Applicable subsystems: CA, KRA, OCSP, TKS, TPS
|
|
|
86bca3 |
# Enabled by default: Yes
|
|
|
86bca3 |
-# ParamNameValPairs must be a name;;value pair
|
|
|
86bca3 |
-# (where name and value are separated by the delimiter ;;)
|
|
|
86bca3 |
-# separated by + (if more than one name;;value pair) of config params changed
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - ClientHost: Client hostname.
|
|
|
86bca3 |
+# - ServerHost: Server hostname.
|
|
|
86bca3 |
+# - ServerPort: Server port.
|
|
|
86bca3 |
+# - SubjectID: SYSTEM
|
|
|
86bca3 |
+# - Outcome: Failure
|
|
|
86bca3 |
+# - Info:
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_CONFIG_ACL_3=<type=CONFIG_ACL>:[AuditEvent=CONFIG_ACL][SubjectID={0}][Outcome={1}][ParamNameValPairs={2}] ACL configuration parameter(s) change
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_CLIENT_ACCESS_SESSION_ESTABLISH_FAILURE=\
|
|
|
86bca3 |
+<type=CLIENT_ACCESS_SESSION_ESTABLISH>:[AuditEvent=CLIENT_ACCESS_SESSION_ESTABLISH]{0} access session failed to establish when Certificate System acts as client
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-# Event: CONFIG_SIGNED_AUDIT
|
|
|
86bca3 |
-# - used when configuring signedAudit
|
|
|
86bca3 |
+# Event: CLIENT_ACCESS_SESSION_ESTABLISH with [Outcome=Success]
|
|
|
86bca3 |
+# Description: This event is used when access session was established successfully when
|
|
|
86bca3 |
+# Certificate System acts as client.
|
|
|
86bca3 |
# Applicable subsystems: CA, KRA, OCSP, TKS, TPS
|
|
|
86bca3 |
# Enabled by default: Yes
|
|
|
86bca3 |
-# ParamNameValPairs must be a name;;value pair
|
|
|
86bca3 |
-# (where name and value are separated by the delimiter ;;)
|
|
|
86bca3 |
-# separated by + (if more than one name;;value pair) of config params changed
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - ClientHost: Client hostname.
|
|
|
86bca3 |
+# - ServerHost: Server hostname.
|
|
|
86bca3 |
+# - ServerPort: Server port.
|
|
|
86bca3 |
+# - SubjectID: SYSTEM
|
|
|
86bca3 |
+# - Outcome: Success
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT=<type=CONFIG_SIGNED_AUDIT>:[AuditEvent=CONFIG_SIGNED_AUDIT]{0} signed audit configuration parameter(s) change
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_CLIENT_ACCESS_SESSION_ESTABLISH_SUCCESS=\
|
|
|
86bca3 |
+<type=CLIENT_ACCESS_SESSION_ESTABLISH>:[AuditEvent=CLIENT_ACCESS_SESSION_ESTABLISH]{0} access session establish successfully when Certificate System acts as client
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-# Event: CONFIG_ENCRYPTION
|
|
|
86bca3 |
-# - used when configuring encryption (cert settings and SSL cipher preferences)
|
|
|
86bca3 |
+# Event: CLIENT_ACCESS_SESSION_TERMINATED
|
|
|
86bca3 |
+# Description: This event is used when access session was terminated when Certificate System acts as client.
|
|
|
86bca3 |
# Applicable subsystems: CA, KRA, OCSP, TKS, TPS
|
|
|
86bca3 |
# Enabled by default: Yes
|
|
|
86bca3 |
-# ParamNameValPairs must be a name;;value pair
|
|
|
86bca3 |
-# (where name and value are separated by the delimiter ;;)
|
|
|
86bca3 |
-# separated by + (if more than one name;;value pair) of config params changed
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - ClientHost: Client hostname.
|
|
|
86bca3 |
+# - ServerHost: Server hostname.
|
|
|
86bca3 |
+# - ServerPort: Server port.
|
|
|
86bca3 |
+# - SubjectID: SYSTEM
|
|
|
86bca3 |
+# - Outcome: Success
|
|
|
86bca3 |
+# - Info: The TLS Alert received from NSS
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_CONFIG_ENCRYPTION_3=<type=CONFIG_ENCRYPTION>:[AuditEvent=CONFIG_ENCRYPTION][SubjectID={0}][Outcome={1}][ParamNameValPairs={2}] encryption configuration parameter(s) change
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_CLIENT_ACCESS_SESSION_TERMINATED=\
|
|
|
86bca3 |
+<type=CLIENT_ACCESS_SESSION_TERMINATED>:[AuditEvent=CLIENT_ACCESS_SESSION_TERMINATED]{0} access session terminated when Certificate System acts as client
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-# Event: CONFIG_TRUSTED_PUBLIC_KEY
|
|
|
86bca3 |
-# - used when
|
|
|
86bca3 |
-# 1. "Manage Certificate" is used to edit the trustness of certificates
|
|
|
86bca3 |
-# and deletion of certificates
|
|
|
86bca3 |
-# 2. "Certificate Setup Wizard" is used to import CA certificates into the
|
|
|
86bca3 |
-# certificate database (Although CrossCertificatePairs are stored
|
|
|
86bca3 |
-# within internaldb, audit them as well)
|
|
|
86bca3 |
-# Applicable subsystems: CA, KRA, OCSP, TKS, TPS
|
|
|
86bca3 |
+# Event: CMC_REQUEST_RECEIVED
|
|
|
86bca3 |
+# Description: This event is used when a CMC request is received.
|
|
|
86bca3 |
+# Applicable subsystems: CA
|
|
|
86bca3 |
# Enabled by default: Yes
|
|
|
86bca3 |
-# ParamNameValPairs must be a name;;value pair
|
|
|
86bca3 |
-# (where name and value are separated by the delimiter ;;)
|
|
|
86bca3 |
-# separated by + (if more than one name;;value pair) of config params changed
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID: The UID of user that triggered this event.
|
|
|
86bca3 |
+# If CMC requests is signed by an agent, SubjectID should
|
|
|
86bca3 |
+# be that of the agent.
|
|
|
86bca3 |
+# In case of an unsigned request, it would bear $Unidentified$.
|
|
|
86bca3 |
+# - Outcome:
|
|
|
86bca3 |
+# - CMCRequest: Base64 encoding of the CMC request received
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_CONFIG_TRUSTED_PUBLIC_KEY=<type=CONFIG_TRUSTED_PUBLIC_KEY>:[AuditEvent=CONFIG_TRUSTED_PUBLIC_KEY]{0} certificate database configuration
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_CMC_REQUEST_RECEIVED_3=<type=CMC_REQUEST_RECEIVED>:[AuditEvent=CMC_REQUEST_RECEIVED][SubjectID={0}][Outcome={1}][CMCRequest={2}] CMC request received
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-# Event: CONFIG_DRM
|
|
|
86bca3 |
-# - used when configuring DRM
|
|
|
86bca3 |
-# (Key recovery scheme, change of any secret component)
|
|
|
86bca3 |
-# Applicable subsystems: KRA
|
|
|
86bca3 |
+# Event: CMC_RESPONSE_SENT
|
|
|
86bca3 |
+# Description: This event is used when a CMC response is sent.
|
|
|
86bca3 |
+# Applicable subsystems: CA
|
|
|
86bca3 |
# Enabled by default: Yes
|
|
|
86bca3 |
-# ParamNameValPairs must be a name;;value pair
|
|
|
86bca3 |
-# (where name and value are separated by the delimiter ;;)
|
|
|
86bca3 |
-# separated by + (if more than one name;;value pair) of config params changed
|
|
|
86bca3 |
-# --- secret component (password) MUST NOT be logged ---
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID: The UID of user that triggered this event.
|
|
|
86bca3 |
+# - Outcome:
|
|
|
86bca3 |
+# - CMCResponse: Base64 encoding of the CMC response sent
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_CONFIG_DRM_3=<type=CONFIG_DRM>:[AuditEvent=CONFIG_DRM][SubjectID={0}][Outcome={1}][ParamNameValPairs={2}] DRM configuration parameter(s) change
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_CMC_RESPONSE_SENT_3=<type=CMC_RESPONSE_SENT>:[AuditEvent=CMC_RESPONSE_SENT][SubjectID={0}][Outcome={1}][CMCResponse={2}] CMC response sent
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-# Event: SELFTESTS_EXECUTION
|
|
|
86bca3 |
-# - used when self tests are run
|
|
|
86bca3 |
-# Applicable subsystems: CA, KRA, OCSP, TKS, TPS
|
|
|
86bca3 |
+# Event: CMC_SIGNED_REQUEST_SIG_VERIFY
|
|
|
86bca3 |
+# Description: This event is used when agent signed CMC certificate requests or revocation requests
|
|
|
86bca3 |
+# are submitted and signature is verified.
|
|
|
86bca3 |
+# Applicable subsystems: CA
|
|
|
86bca3 |
# Enabled by default: Yes
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID: the user who signed the CMC request (success case)
|
|
|
86bca3 |
+# - Outcome:
|
|
|
86bca3 |
+# - ReqType: The request type (enrollment, or revocation).
|
|
|
86bca3 |
+# - CertSubject: The certificate subject name of the certificate request.
|
|
|
86bca3 |
+# - SignerInfo: A unique String representation for the signer.
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_SELFTESTS_EXECUTION_2=<type=SELFTESTS_EXECUTION>:[AuditEvent=SELFTESTS_EXECUTION][SubjectID={0}][Outcome={1}] self tests execution (see selftests.log for details)
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_CMC_SIGNED_REQUEST_SIG_VERIFY=<type=CMC_SIGNED_REQUEST_SIG_VERIFY>:[AuditEvent=CMC_SIGNED_REQUEST_SIG_VERIFY]{0} agent signed CMC request signature verification
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-# Event: AUDIT_LOG_DELETE
|
|
|
86bca3 |
-# - used AFTER audit log gets expired (authz should not allow,
|
|
|
86bca3 |
-# but in case authz gets compromised. Make sure it is written
|
|
|
86bca3 |
-# AFTER the log expiration happens)
|
|
|
86bca3 |
-# Applicable subsystems: CA, KRA, OCSP, TKS, TPS
|
|
|
86bca3 |
-# Enabled by default: No
|
|
|
86bca3 |
-# LogFile must be the complete name (including the path) of the
|
|
|
86bca3 |
-# signedAudit log that is attempted to be deleted
|
|
|
86bca3 |
+# Event: CMC_USER_SIGNED_REQUEST_SIG_VERIFY
|
|
|
86bca3 |
+# Description: This event is used when CMC (user-signed or self-signed) certificate requests or revocation requests
|
|
|
86bca3 |
+# are submitted and signature is verified.
|
|
|
86bca3 |
+# Applicable subsystems: CA
|
|
|
86bca3 |
+# Enabled by default: Yes
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID: the user who signed the CMC request (success case)
|
|
|
86bca3 |
+# - Outcome:
|
|
|
86bca3 |
+# - ReqType: The request type (enrollment, or revocation).
|
|
|
86bca3 |
+# - CertSubject: The certificate subject name of the certificate request.
|
|
|
86bca3 |
+# - CMCSignerInfo: A unique String representation for the CMC request signer.
|
|
|
86bca3 |
+# - info:
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_LOG_DELETE_3=<type=AUDIT_LOG_DELETE>:[AuditEvent=AUDIT_LOG_DELETE][SubjectID={0}][Outcome={1}][LogFile={2}] signedAudit log deletion
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_CMC_USER_SIGNED_REQUEST_SIG_VERIFY_FAILURE=<type=CMC_USER_SIGNED_REQUEST_SIG_VERIFY>:[AuditEvent=CMC_USER_SIGNED_REQUEST_SIG_VERIFY]{0} User signed CMC request signature verification failure
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_CMC_USER_SIGNED_REQUEST_SIG_VERIFY_SUCCESS=<type=CMC_USER_SIGNED_REQUEST_SIG_VERIFY>:[AuditEvent=CMC_USER_SIGNED_REQUEST_SIG_VERIFY]{0} User signed CMC request signature verification success
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-# Event: LOG_PATH_CHANGE
|
|
|
86bca3 |
-# - used when log file name (including any path changes) for any of
|
|
|
86bca3 |
-# audit, system, transaction, or other customized log file
|
|
|
86bca3 |
-# change is attempted (authz should not allow, but make sure it's
|
|
|
86bca3 |
-# written after the attempt)
|
|
|
86bca3 |
+# Event: CONFIG_ACL
|
|
|
86bca3 |
+# Description: This event is used when configuring ACL information.
|
|
|
86bca3 |
# Applicable subsystems: CA, KRA, OCSP, TKS, TPS
|
|
|
86bca3 |
# Enabled by default: Yes
|
|
|
86bca3 |
-# LogType must be "System", "Transaction", or "SignedAudit"
|
|
|
86bca3 |
-# toLogFile must be the name (including any path changes) that the user is
|
|
|
86bca3 |
-# attempting to change to
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID: id of administrator who performed the action
|
|
|
86bca3 |
+# - Outcome:
|
|
|
86bca3 |
+# - ParamNameValPairs: A name-value pair
|
|
|
86bca3 |
+# (where name and value are separated by the delimiter ;;)
|
|
|
86bca3 |
+# separated by + (if more than one name-value pair) of config params changed.
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_LOG_PATH_CHANGE_4=<type=LOG_PATH_CHANGE>:[AuditEvent=LOG_PATH_CHANGE][SubjectID={0}][Outcome={1}][LogType={2}][toLogFile={3}] log path change attempt
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_CONFIG_ACL_3=<type=CONFIG_ACL>:[AuditEvent=CONFIG_ACL][SubjectID={0}][Outcome={1}][ParamNameValPairs={2}] ACL configuration parameter(s) change
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-# Event: LOG_EXPIRATION_CHANGE
|
|
|
86bca3 |
-# - used when log expiration time change is attempted (authz should not
|
|
|
86bca3 |
-# allow, but make sure it's written after the attempt)
|
|
|
86bca3 |
+# Event: CONFIG_AUTH
|
|
|
86bca3 |
+# Description: This event is used when configuring authentication.
|
|
|
86bca3 |
# Applicable subsystems: CA, KRA, OCSP, TKS, TPS
|
|
|
86bca3 |
-# Enabled by default: No
|
|
|
86bca3 |
-# LogType must be "System", "Transaction", or "SignedAudit"
|
|
|
86bca3 |
-# ExpirationTime must be the amount of time (in seconds) that is
|
|
|
86bca3 |
-# attempted to be changed to
|
|
|
86bca3 |
+# Enabled by default: Yes
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID: id of administrator who performed the action
|
|
|
86bca3 |
+# - Outcome:
|
|
|
86bca3 |
+# - ParamNameValPairs: A name-value pair
|
|
|
86bca3 |
+# (where name and value are separated by the delimiter ;;)
|
|
|
86bca3 |
+# separated by + (if more than one name-value pair) of config params changed.
|
|
|
86bca3 |
+# --- Password MUST NOT be logged ---
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-# -- feature disabled --
|
|
|
86bca3 |
-#LOGGING_SIGNED_AUDIT_LOG_EXPIRATION_CHANGE_4=<type=LOG_EXPIRATION_CHANGE>:[AuditEvent=LOG_EXPIRATION_CHANGE][SubjectID={0}][Outcome={1}][LogType={2}][ExpirationTime={3}] log expiration time change attempt
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_CONFIG_AUTH_3=<type=CONFIG_AUTH>:[AuditEvent=CONFIG_AUTH][SubjectID={0}][Outcome={1}][ParamNameValPairs={2}] authentication configuration parameter(s) change
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-# Event: SERVER_SIDE_KEYGEN_REQUEST
|
|
|
86bca3 |
-# - used when server-side key generation request is made
|
|
|
86bca3 |
-# This is for tokenkeys
|
|
|
86bca3 |
-# Applicable subsystems: CA, KRA, OCSP, TKS, TPS
|
|
|
86bca3 |
+# Event: CONFIG_CERT_PROFILE
|
|
|
86bca3 |
+# Description: This event is used when configuring certificate profile
|
|
|
86bca3 |
+# (general settings and certificate profile).
|
|
|
86bca3 |
+# Applicable subsystems: CA
|
|
|
86bca3 |
# Enabled by default: Yes
|
|
|
86bca3 |
-# EntityID must be the representation of the subject that will be on the certificate when issued
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID: id of administrator who performed the action
|
|
|
86bca3 |
+# - Outcome:
|
|
|
86bca3 |
+# - ParamNameValPairs: A name-value pair
|
|
|
86bca3 |
+# (where name and value are separated by the delimiter ;;)
|
|
|
86bca3 |
+# separated by + (if more than one name-value pair) of config params changed.
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_SERVER_SIDE_KEYGEN_REQUEST=<type=SERVER_SIDE_KEYGEN_REQUEST>:[AuditEvent=SERVER_SIDE_KEYGEN_REQUEST]{0} server-side key generation request
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE_3=<type=CONFIG_CERT_PROFILE>:[AuditEvent=CONFIG_CERT_PROFILE][SubjectID={0}][Outcome={1}][ParamNameValPairs={2}] certificate profile configuration parameter(s) change
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-# Event: SERVER_SIDE_KEYGEN_REQUEST_PROCESSED
|
|
|
86bca3 |
-# - used when server-side key generation request has been processed.
|
|
|
86bca3 |
-# This is for tokenkeys
|
|
|
86bca3 |
-# Applicable subsystems: CA, KRA, OCSP, TKS, TPS
|
|
|
86bca3 |
+# Event: CONFIG_CRL_PROFILE
|
|
|
86bca3 |
+# Description: This event is used when configuring CRL profile
|
|
|
86bca3 |
+# (extensions, frequency, CRL format).
|
|
|
86bca3 |
+# Applicable subsystems: CA
|
|
|
86bca3 |
# Enabled by default: Yes
|
|
|
86bca3 |
-# EntityID must be the representation of the subject that will be on the certificate when issued
|
|
|
86bca3 |
-# PubKey must be the base-64 encoded public key associated with
|
|
|
86bca3 |
-# the private key to be archived
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID: id of administrator who performed the action
|
|
|
86bca3 |
+# - Outcome:
|
|
|
86bca3 |
+# - ParamNameValPairs: A name-value pair
|
|
|
86bca3 |
+# (where name and value are separated by the delimiter ;;)
|
|
|
86bca3 |
+# separated by + (if more than one name-value pair) of config params changed.
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_SERVER_SIDE_KEYGEN_REQUEST_PROCESSED=<type=SERVER_SIDE_KEYGEN_REQUEST_PROCESSED>:[AuditEvent=SERVER_SIDE_KEYGEN_REQUEST_PROCESSED]{0} server-side key generation request processed
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE_3=<type=CONFIG_CRL_PROFILE>:[AuditEvent=CONFIG_CRL_PROFILE][SubjectID={0}][Outcome={1}][ParamNameValPairs={2}] CRL profile configuration parameter(s) change
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-# Event: KEY_RECOVERY_REQUEST
|
|
|
86bca3 |
-# - used when key recovery request is made
|
|
|
86bca3 |
-# Applicable subsystems: CA, OCSP, TKS, TPS, TPS
|
|
|
86bca3 |
-# Enabled by default: No
|
|
|
86bca3 |
-# RecoveryID must be the recovery request ID
|
|
|
86bca3 |
-# PubKey must be the base-64 encoded public key associated with
|
|
|
86bca3 |
-# the private key to be recovered
|
|
|
86bca3 |
+# Event: CONFIG_DRM
|
|
|
86bca3 |
+# Description: This event is used when configuring KRA.
|
|
|
86bca3 |
+# This includes key recovery scheme, change of any secret component.
|
|
|
86bca3 |
+# Applicable subsystems: KRA
|
|
|
86bca3 |
+# Enabled by default: Yes
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID: id of administrator who performed the action
|
|
|
86bca3 |
+# - Outcome:
|
|
|
86bca3 |
+# - ParamNameValPairs A name-value pair
|
|
|
86bca3 |
+# (where name and value are separated by the delimiter ;;)
|
|
|
86bca3 |
+# separated by + (if more than one name-value pair) of config params changed.
|
|
|
86bca3 |
+# --- secret component (password) MUST NOT be logged ---
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_KEY_RECOVERY_REQUEST_4=<type=KEY_RECOVERY_REQUEST>:[AuditEvent=KEY_RECOVERY_REQUEST][SubjectID={0}][Outcome={1}][RecoveryID={2}][PubKey={3}] key recovery request made
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_CONFIG_DRM_3=<type=CONFIG_DRM>:[AuditEvent=CONFIG_DRM][SubjectID={0}][Outcome={1}][ParamNameValPairs={2}] DRM configuration parameter(s) change
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-# Event: KEY_RECOVERY_AGENT_LOGIN
|
|
|
86bca3 |
-# - used when DRM agents login as recovery agents to approve
|
|
|
86bca3 |
-# key recovery requests
|
|
|
86bca3 |
-# Applicable subsystems: KRA
|
|
|
86bca3 |
-# Enabled by default: No
|
|
|
86bca3 |
-# RecoveryID must be the recovery request ID
|
|
|
86bca3 |
-# RecoveryAgent must be the recovery agent the DRM agent is
|
|
|
86bca3 |
-# logging in with
|
|
|
86bca3 |
+# Event: CONFIG_OCSP_PROFILE
|
|
|
86bca3 |
+# Description: This event is used when configuring OCSP profile
|
|
|
86bca3 |
+# (everything under Online Certificate Status Manager).
|
|
|
86bca3 |
+# Applicable subsystems: OCSP
|
|
|
86bca3 |
+# Enabled by default: Yes
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID: id of administrator who performed the action
|
|
|
86bca3 |
+# - Outcome:
|
|
|
86bca3 |
+# - ParamNameValPairs: A name-value pair
|
|
|
86bca3 |
+# (where name and value are separated by the delimiter ;;)
|
|
|
86bca3 |
+# separated by + (if more than one name-value pair) of config params changed.
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_KEY_RECOVERY_AGENT_LOGIN_4=<type=KEY_RECOVERY_AGENT_LOGIN>:[AuditEvent=KEY_RECOVERY_AGENT_LOGIN][SubjectID={0}][Outcome={1}][RecoveryID={2}][RecoveryAgent={3}] key recovery agent login
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_CONFIG_OCSP_PROFILE_3=<type=CONFIG_OCSP_PROFILE>:[AuditEvent=CONFIG_OCSP_PROFILE][SubjectID={0}][Outcome={1}][ParamNameValPairs={2}] OCSP profile configuration parameter(s) change
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-# Event: KEY_GEN_ASYMMETRIC
|
|
|
86bca3 |
-# - used when asymmetric keys are generated
|
|
|
86bca3 |
-# (like when CA certificate requests are generated -
|
|
|
86bca3 |
-# e.g. CA certificate change over, renewal with new key, etc.)
|
|
|
86bca3 |
+# Event: CONFIG_ROLE
|
|
|
86bca3 |
+# Description: This event is used when configuring role information.
|
|
|
86bca3 |
+# This includes anything under users/groups, add/remove/edit a role, etc.
|
|
|
86bca3 |
# Applicable subsystems: CA, KRA, OCSP, TKS, TPS
|
|
|
86bca3 |
# Enabled by default: Yes
|
|
|
86bca3 |
-# PubKey must be the base-64 encoded public key material
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID: id of administrator who performed the action
|
|
|
86bca3 |
+# - Outcome:
|
|
|
86bca3 |
+# - ParamNameValPairs: A name-value pair
|
|
|
86bca3 |
+# (where name and value are separated by the delimiter ;;)
|
|
|
86bca3 |
+# separated by + (if more than one name-value pair) of config params changed.
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_KEY_GEN_ASYMMETRIC_3=<type=KEY_GEN_ASYMMETRIC>:[AuditEvent=KEY_GEN_ASYMMETRIC][SubjectID={0}][Outcome={1}][PubKey={2}] asymmetric key generation
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_CONFIG_ROLE=<type=CONFIG_ROLE>:[AuditEvent=CONFIG_ROLE]{0} role configuration parameter(s) change
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-# Event: CERT_SIGNING_INFO
|
|
|
86bca3 |
-# Applicable subsystems: CA
|
|
|
86bca3 |
+# Event: CONFIG_SERIAL_NUMBER
|
|
|
86bca3 |
+# Description: This event is used when configuring serial number ranges
|
|
|
86bca3 |
+# (when requesting a serial number range when cloning, for example).
|
|
|
86bca3 |
+# Applicable subsystems: CA, KRA
|
|
|
86bca3 |
# Enabled by default: Yes
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID: id of administrator who performed the action
|
|
|
86bca3 |
+# - Outcome:
|
|
|
86bca3 |
+# - ParamNameValPairs: A name-value pair
|
|
|
86bca3 |
+# (where name and value are separated by the delimiter ;;)
|
|
|
86bca3 |
+# separated by + (if more than one name-value pair) of config params changed.
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_CERT_SIGNING_INFO=<type=CERT_SIGNING_INFO>:[AuditEvent=CERT_SIGNING_INFO]{0} certificate signing info
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_CONFIG_SERIAL_NUMBER_1=<type=CONFIG_SERIAL_NUMBER>:[AuditEvent=CONFIG_SERIAL_NUMBER][SubjectID={0}][Outcome={1}][ParamNameValPairs={2}] serial number range update
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-# Event: OCSP_SIGNING_INFO
|
|
|
86bca3 |
-# Applicable subsystems: CA, OCSP
|
|
|
86bca3 |
+# Event: CONFIG_SIGNED_AUDIT
|
|
|
86bca3 |
+# Description: This event is used when configuring signedAudit.
|
|
|
86bca3 |
+# Applicable subsystems: CA, KRA, OCSP, TKS, TPS
|
|
|
86bca3 |
# Enabled by default: Yes
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID: id of administrator who performed the action
|
|
|
86bca3 |
+# - Outcome:
|
|
|
86bca3 |
+# - ParamNameValPairs: A name-value pair
|
|
|
86bca3 |
+# (where name and value are separated by the delimiter ;;)
|
|
|
86bca3 |
+# separated by + (if more than one name-value pair) of config params changed.
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_OCSP_SIGNING_INFO=<type=OCSP_SIGNING_INFO>:[AuditEvent=OCSP_SIGNING_INFO]{0} OCSP signing info
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT=<type=CONFIG_SIGNED_AUDIT>:[AuditEvent=CONFIG_SIGNED_AUDIT]{0} signed audit configuration parameter(s) change
|
|
|
86bca3 |
+#
|
|
|
86bca3 |
+# Event: CONFIG_TRUSTED_PUBLIC_KEY
|
|
|
86bca3 |
+# Description: This event is used when:
|
|
|
86bca3 |
+# 1. "Manage Certificate" is used to edit the trustness of certificates
|
|
|
86bca3 |
+# and deletion of certificates
|
|
|
86bca3 |
+# 2. "Certificate Setup Wizard" is used to import CA certificates into the
|
|
|
86bca3 |
+# certificate database (Although CrossCertificatePairs are stored
|
|
|
86bca3 |
+# within internaldb, audit them as well)
|
|
|
86bca3 |
+# Applicable subsystems: CA, KRA, OCSP, TKS, TPS
|
|
|
86bca3 |
+# Enabled by default: Yes
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID: ID of administrator who performed this configuration
|
|
|
86bca3 |
+# - Outcome:
|
|
|
86bca3 |
+# - ParamNameValPairs: A name-value pair
|
|
|
86bca3 |
+# (where name and value are separated by the delimiter ;;)
|
|
|
86bca3 |
+# separated by + (if more than one name-value pair) of config params changed.
|
|
|
86bca3 |
+#
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_CONFIG_TRUSTED_PUBLIC_KEY=<type=CONFIG_TRUSTED_PUBLIC_KEY>:[AuditEvent=CONFIG_TRUSTED_PUBLIC_KEY]{0} certificate database configuration
|
|
|
86bca3 |
#
|
|
|
86bca3 |
# Event: CRL_SIGNING_INFO
|
|
|
86bca3 |
+# Description: This event indicates which key is used to sign CRLs.
|
|
|
86bca3 |
# Applicable subsystems: CA
|
|
|
86bca3 |
# Enabled by default: Yes
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID: $System$
|
|
|
86bca3 |
+# - Outcome:
|
|
|
86bca3 |
+# - SKI: Subject Key Identifier of the CRL signing certificate
|
|
|
86bca3 |
#
|
|
|
86bca3 |
LOGGING_SIGNED_AUDIT_CRL_SIGNING_INFO=<type=CRL_SIGNING_INFO>:[AuditEvent=CRL_SIGNING_INFO]{0} CRL signing info
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-# Event: NON_PROFILE_CERT_REQUEST
|
|
|
86bca3 |
-# - used when a non-profile certificate request is made (before approval process)
|
|
|
86bca3 |
-# Applicable subsystems: CA, KRA, OCSP, TKS, TPS
|
|
|
86bca3 |
-# Enabled by default: No
|
|
|
86bca3 |
-# SubjectID must be the UID of user that triggered this event
|
|
|
86bca3 |
-# (if CMC enrollment requests signed by an agent, SubjectID should
|
|
|
86bca3 |
-# be that of the agent), while
|
|
|
86bca3 |
-# CertSubject must be the certificate subject name of the certificate request
|
|
|
86bca3 |
-# ReqID must be the certificate request ID
|
|
|
86bca3 |
-# ServiceID must be the identity of the servlet that submitted the original
|
|
|
86bca3 |
-# request
|
|
|
86bca3 |
-#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_NON_PROFILE_CERT_REQUEST_5=<type=NON_PROFILE_CERT_REQUEST>:[AuditEvent=NON_PROFILE_CERT_REQUEST][SubjectID={0}][Outcome={1}][ReqID={2}][ServiceID={3}][CertSubject={4}] certificate request made without certificate profiles
|
|
|
86bca3 |
-#
|
|
|
86bca3 |
-# Event: CMC_REQUEST_RECEIVED
|
|
|
86bca3 |
-# - used when a CMC request is received.
|
|
|
86bca3 |
+# Event: DELTA_CRL_GENERATION
|
|
|
86bca3 |
+# Description: This event is used when delta CRL generation is complete.
|
|
|
86bca3 |
# Applicable subsystems: CA
|
|
|
86bca3 |
# Enabled by default: Yes
|
|
|
86bca3 |
-# SubjectID must be the UID of user that triggered this event
|
|
|
86bca3 |
-# (if CMC requests is signed by an agent, SubjectID should
|
|
|
86bca3 |
-# be that of the agent)
|
|
|
86bca3 |
-# In case of an unsigned request, it would bear $Unidentified$
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID: $Unidentified$
|
|
|
86bca3 |
+# - Outcome: "Success" when delta CRL is generated successfully, "Failure" otherwise.
|
|
|
86bca3 |
+# - CRLnum: The CRL number that identifies the CRL
|
|
|
86bca3 |
+# - Info:
|
|
|
86bca3 |
+# - FailureReason:
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_CMC_REQUEST_RECEIVED_3=<type=CMC_REQUEST_RECEIVED>:[AuditEvent=CMC_REQUEST_RECEIVED][SubjectID={0}][Outcome={1}][CMCRequest={2}] CMC request received
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_DELTA_CRL_GENERATION=<type=DELTA_CRL_GENERATION>:[AuditEvent=DELTA_CRL_GENERATION]{0} Delta CRL generation
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-# Event: CMC_RESPONSE_SENT
|
|
|
86bca3 |
-# - used when a CMC response is sent
|
|
|
86bca3 |
+# Event: FULL_CRL_GENERATION
|
|
|
86bca3 |
+# Description: This event is used when full CRL generation is complete.
|
|
|
86bca3 |
# Applicable subsystems: CA
|
|
|
86bca3 |
# Enabled by default: Yes
|
|
|
86bca3 |
-# SubjectID must be the UID of user that triggered this event
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID: $System$
|
|
|
86bca3 |
+# - Outcome: "Success" when full CRL is generated successfully, "Failure" otherwise.
|
|
|
86bca3 |
+# - CRLnum: The CRL number that identifies the CRL
|
|
|
86bca3 |
+# - Info:
|
|
|
86bca3 |
+# - FailureReason:
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_CMC_RESPONSE_SENT_3=<type=CMC_RESPONSE_SENT>:[AuditEvent=CMC_RESPONSE_SENT][SubjectID={0}][Outcome={1}][CMCResponse={2}] CMC response sent
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_FULL_CRL_GENERATION=<type=FULL_CRL_GENERATION>:[AuditEvent=FULL_CRL_GENERATION]{0} Full CRL generation
|
|
|
86bca3 |
#
|
|
|
86bca3 |
# Event: PROFILE_CERT_REQUEST
|
|
|
86bca3 |
-# - used when a profile certificate request is made (before approval process)
|
|
|
86bca3 |
+# Description: This event is used when a profile certificate request is made (before approval process).
|
|
|
86bca3 |
# Applicable subsystems: CA
|
|
|
86bca3 |
# Enabled by default: Yes
|
|
|
86bca3 |
-# SubjectID must be the UID of user that triggered this event
|
|
|
86bca3 |
-# (if CMC enrollment requests signed by an agent, SubjectID should
|
|
|
86bca3 |
-# be that of the agent), while
|
|
|
86bca3 |
-# CertSubject must be the certificate subject name of the certificate request
|
|
|
86bca3 |
-# ReqID must be the certificate request ID
|
|
|
86bca3 |
-# ProfileID must be one of the certificate profiles defined by the
|
|
|
86bca3 |
-# administrator
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID: The UID of user that triggered this event.
|
|
|
86bca3 |
+# If CMC enrollment requests signed by an agent, SubjectID should
|
|
|
86bca3 |
+# be that of the agent.
|
|
|
86bca3 |
+# - Outcome:
|
|
|
86bca3 |
+# - CertSubject: The certificate subject name of the certificate request.
|
|
|
86bca3 |
+# - ReqID: The certificate request ID.
|
|
|
86bca3 |
+# - ProfileID: One of the certificate profiles defined by the
|
|
|
86bca3 |
+# administrator.
|
|
|
86bca3 |
#
|
|
|
86bca3 |
LOGGING_SIGNED_AUDIT_PROFILE_CERT_REQUEST_5=<type=PROFILE_CERT_REQUEST>:[AuditEvent=PROFILE_CERT_REQUEST][SubjectID={0}][Outcome={1}][ReqID={2}][ProfileID={3}][CertSubject={4}] certificate request made with certificate profiles
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-# Event: CERT_REQUEST_PROCESSED
|
|
|
86bca3 |
-# - used when certificate request has just been through the approval process
|
|
|
86bca3 |
+# Event: PROOF_OF_POSSESSION
|
|
|
86bca3 |
+# Description: This event is used for proof of possession during certificate enrollment processing.
|
|
|
86bca3 |
# Applicable subsystems: CA
|
|
|
86bca3 |
# Enabled by default: Yes
|
|
|
86bca3 |
-# SubjectID must be the UID of the agent who approves, rejects, or cancels
|
|
|
86bca3 |
-# the certificate request
|
|
|
86bca3 |
-# ReqID must be the request ID
|
|
|
86bca3 |
-# InfoName must be value "certificate" (in case of approval), "rejectReason"
|
|
|
86bca3 |
-# (in case of reject), or "cancelReason" (in case of cancel)
|
|
|
86bca3 |
-# InfoValue must contain the certificate (in case of success), a reject reason in
|
|
|
86bca3 |
-# text, or a cancel reason in text
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID: id that represents the authenticated user
|
|
|
86bca3 |
+# - Outcome:
|
|
|
86bca3 |
+# - Info: some information on when/how it occurred
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_CERT_REQUEST_PROCESSED=<type=CERT_REQUEST_PROCESSED>:[AuditEvent=CERT_REQUEST_PROCESSED]{0} certificate request processed
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_PROOF_OF_POSSESSION_3=<type=PROOF_OF_POSSESSION>:[AuditEvent=PROOF_OF_POSSESSION][SubjectID={0}][Outcome={1}][Info={2}] proof of possession
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-# Event: CERT_STATUS_CHANGE_REQUEST
|
|
|
86bca3 |
-# - used when a certificate status change request (e.g. revocation)
|
|
|
86bca3 |
-# is made (before approval process)
|
|
|
86bca3 |
-# Applicable subsystems: CA
|
|
|
86bca3 |
+# Event: OCSP_ADD_CA_REQUEST_PROCESSED
|
|
|
86bca3 |
+# Description: This event is used when an add CA request to the OCSP Responder is processed.
|
|
|
86bca3 |
+# Applicable subsystems: OCSP
|
|
|
86bca3 |
# Enabled by default: Yes
|
|
|
86bca3 |
-# ReqID must be the request ID
|
|
|
86bca3 |
-# CertSerialNum must be the serial number (in hex) of the certificate to be revoked
|
|
|
86bca3 |
-# RequestType must be "revoke", "on-hold", "off-hold"
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID: OCSP administrator user id
|
|
|
86bca3 |
+# - Outcome: "Success" when CA is added successfully, "Failure" otherwise.
|
|
|
86bca3 |
+# - CASubjectDN: The subject DN of the leaf CA cert in the chain.
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST=<type=CERT_STATUS_CHANGE_REQUEST>:[AuditEvent=CERT_STATUS_CHANGE_REQUEST]{0} certificate revocation/unrevocation request made
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_OCSP_ADD_CA_REQUEST_PROCESSED=<type=OCSP_ADD_CA_REQUEST_PROCESSED>:[AuditEvent=OCSP_ADD_CA_REQUEST_PROCESSED]{0} Add CA for OCSP Responder
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-# Event: CERT_STATUS_CHANGE_REQUEST_PROCESSED
|
|
|
86bca3 |
-# - used when certificate status is changed (revoked, expired, on-hold,
|
|
|
86bca3 |
-# off-hold)
|
|
|
86bca3 |
-# Applicable subsystems: CA
|
|
|
86bca3 |
+# Event: OCSP_GENERATION
|
|
|
86bca3 |
+# Description: This event is used when an OCSP response generated is complete.
|
|
|
86bca3 |
+# Applicable subsystems: CA, OCSP
|
|
|
86bca3 |
# Enabled by default: Yes
|
|
|
86bca3 |
-# SubjectID must be the UID of the agent that processed the request
|
|
|
86bca3 |
-# ReqID must be the request ID
|
|
|
86bca3 |
-# RequestType must be "revoke", "on-hold", "off-hold"
|
|
|
86bca3 |
-# Approval must be "complete", "rejected", or "canceled"
|
|
|
86bca3 |
-# (note that "complete" means "approved")
|
|
|
86bca3 |
-# CertSerialNum must be the serial number (in hex)
|
|
|
86bca3 |
-# RevokeReasonNum must contain one of the following number:
|
|
|
86bca3 |
-# reason number reason
|
|
|
86bca3 |
-# --------------------------------------
|
|
|
86bca3 |
-# 0 Unspecified
|
|
|
86bca3 |
-# 1 Key compromised
|
|
|
86bca3 |
-# 2 CA key compromised (should not be used)
|
|
|
86bca3 |
-# 3 Affiliation changed
|
|
|
86bca3 |
-# 4 Certificate superceded
|
|
|
86bca3 |
-# 5 Cessation of operation
|
|
|
86bca3 |
-# 6 Certificate is on-hold
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID: $NonRoleUser$
|
|
|
86bca3 |
+# - Outcome: "Success" when OCSP response is generated successfully, "Failure" otherwise.
|
|
|
86bca3 |
+# - FailureReason:
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST_PROCESSED=<type=CERT_STATUS_CHANGE_REQUEST_PROCESSED>:[AuditEvent=CERT_STATUS_CHANGE_REQUEST_PROCESSED]{0} certificate status change request processed
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_OCSP_GENERATION=<type=OCSP_GENERATION>:[AuditEvent=OCSP_GENERATION]{0} OCSP response generation
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-# Event: AUTHZ with [Outcome=Success]
|
|
|
86bca3 |
-# - used when authorization is successful
|
|
|
86bca3 |
-# Applicable subsystems: CA, KRA, OCSP, TKS, TPS
|
|
|
86bca3 |
+# Event: OCSP_REMOVE_CA_REQUEST_PROCESSED with [Outcome=Failure]
|
|
|
86bca3 |
+# Description: This event is used when a remove CA request to the OCSP Responder is processed and failed.
|
|
|
86bca3 |
+# Applicable subsystems: OCSP
|
|
|
86bca3 |
# Enabled by default: Yes
|
|
|
86bca3 |
-# Outcome must be success for this event
|
|
|
86bca3 |
-# aclResource must be the ACL resource ID as defined in ACL resource list
|
|
|
86bca3 |
-# Op must be one of the operations as defined with the ACL statement
|
|
|
86bca3 |
-# e.g. "read" for an ACL statement containing "(read,write)"
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID: OCSP administrator user id
|
|
|
86bca3 |
+# - Outcome: Failure
|
|
|
86bca3 |
+# - CASubjectDN: The subject DN of the leaf CA certificate in the chain.
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_AUTHZ_SUCCESS=<type=AUTHZ>:[AuditEvent=AUTHZ]{0} authorization success
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_OCSP_REMOVE_CA_REQUEST_PROCESSED_FAILURE=<type=OCSP_REMOVE_CA_REQUEST_PROCESSED>:[AuditEvent=OCSP_REMOVE_CA_REQUEST_PROCESSED]{0} Remove CA for OCSP Responder has failed
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-# Event: AUTHZ with [Outcome=Failure]
|
|
|
86bca3 |
-# - used when authorization has failed
|
|
|
86bca3 |
-# Applicable subsystems: CA, KRA, OCSP, TKS, TPS
|
|
|
86bca3 |
+# Event: OCSP_REMOVE_CA_REQUEST_PROCESSED with [Outcome=Success]
|
|
|
86bca3 |
+# Description: This event is used when a remove CA request to the OCSP Responder is processed successfully.
|
|
|
86bca3 |
+# Applicable subsystems: OCSP
|
|
|
86bca3 |
# Enabled by default: Yes
|
|
|
86bca3 |
-# Outcome must be failure for this event
|
|
|
86bca3 |
-# aclResource must be the ACL resource ID as defined in ACL resource list
|
|
|
86bca3 |
-# Op must be one of the operations as defined with the ACL statement
|
|
|
86bca3 |
-# e.g. "read" for an ACL statement containing "(read,write)"
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID: OCSP administrator user id
|
|
|
86bca3 |
+# - Outcome: "Success" when CA is removed successfully, "Failure" otherwise.
|
|
|
86bca3 |
+# - CASubjectDN: The subject DN of the leaf CA certificate in the chain.
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_AUTHZ_FAIL=<type=AUTHZ>:[AuditEvent=AUTHZ]{0} authorization failure
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_OCSP_REMOVE_CA_REQUEST_PROCESSED_SUCCESS=<type=OCSP_REMOVE_CA_REQUEST_PROCESSED>:[AuditEvent=OCSP_REMOVE_CA_REQUEST_PROCESSED]{0} Remove CA for OCSP Responder is successful
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-# Event: INTER_BOUNDARY
|
|
|
86bca3 |
-# - used when inter-CIMC_Boundary data transfer is successful
|
|
|
86bca3 |
-# (this is used when data does not need to be captured)
|
|
|
86bca3 |
-# Applicable subsystems: CA, KRA, OCSP, TKS, TPS
|
|
|
86bca3 |
-# Enabled by default: No
|
|
|
86bca3 |
-# ProtectionMethod must be one of the following: "SSL", or "unknown"
|
|
|
86bca3 |
-# ReqType must be the request type
|
|
|
86bca3 |
-# ReqID must be the request ID
|
|
|
86bca3 |
+# Event: OCSP_SIGNING_INFO
|
|
|
86bca3 |
+# Description: This event indicates which key is used to sign OCSP responses.
|
|
|
86bca3 |
+# Applicable subsystems: CA, OCSP
|
|
|
86bca3 |
+# Enabled by default: Yes
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID: $System$
|
|
|
86bca3 |
+# - Outcome:
|
|
|
86bca3 |
+# - SKI: Subject Key Identifier of the OCSP signing certificate
|
|
|
86bca3 |
+# - AuthorityID: (applicable only to lightweight CA)
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_INTER_BOUNDARY_SUCCESS_5=<type=INTER_BOUNDARY>:[AuditEvent=INTER_BOUNDARY][SubjectID={0}][Outcome={1}][ProtectionMethod={2}][ReqType={3}][ReqID={4}] inter-CIMC_Boundary communication (data exchange) success
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_OCSP_SIGNING_INFO=<type=OCSP_SIGNING_INFO>:[AuditEvent=OCSP_SIGNING_INFO]{0} OCSP signing info
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-# Event: AUTH with [Outcome=Failure]
|
|
|
86bca3 |
-# - used when authentication fails (in case of SSL-client auth,
|
|
|
86bca3 |
-# only webserver env can pick up the SSL violation;
|
|
|
86bca3 |
-# CS authMgr can pick up certificate mis-match, so this event is used)
|
|
|
86bca3 |
+# Event: ROLE_ASSUME
|
|
|
86bca3 |
+# Description: This event is used when a user assumes a role.
|
|
|
86bca3 |
# Applicable subsystems: CA, KRA, OCSP, TKS, TPS
|
|
|
86bca3 |
# Enabled by default: Yes
|
|
|
86bca3 |
-# Outcome should always be "failure" in this event
|
|
|
86bca3 |
-# (obviously, if authentication failed, you won't have a valid SubjectID, so
|
|
|
86bca3 |
-# in this case, SubjectID should be $Unidentified$)
|
|
|
86bca3 |
-# AuthMgr must be the authentication manager instance name that did
|
|
|
86bca3 |
-# this authentication
|
|
|
86bca3 |
-# AttemptedCred must be the credential attempted and failed
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID:
|
|
|
86bca3 |
+# - Outcome:
|
|
|
86bca3 |
+# - Role: One of the valid roles:
|
|
|
86bca3 |
+# "Administrators", "Certificate Manager Agents", or "Auditors".
|
|
|
86bca3 |
+# Note that customized role names can be used once configured.
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_AUTH_FAIL=<type=AUTH>:[AuditEvent=AUTH]{0} authentication failure
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_ROLE_ASSUME=<type=ROLE_ASSUME>:[AuditEvent=ROLE_ASSUME]{0} assume privileged role
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-# Event: AUTH with [Outcome=Success]
|
|
|
86bca3 |
-# - used when authentication succeeded
|
|
|
86bca3 |
+# Event: SECURITY_DOMAIN_UPDATE
|
|
|
86bca3 |
+# Description: This event is used when updating contents of security domain
|
|
|
86bca3 |
+# (add/remove a subsystem).
|
|
|
86bca3 |
+# Applicable subsystems: CA
|
|
|
86bca3 |
+# Enabled by default: Yes
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID: CA administrator user ID
|
|
|
86bca3 |
+# - Outcome:
|
|
|
86bca3 |
+# - ParamNameValPairs: A name-value pair
|
|
|
86bca3 |
+# (where name and value are separated by the delimiter ;;)
|
|
|
86bca3 |
+# separated by + (if more than one name-value pair) of config params changed.
|
|
|
86bca3 |
+#
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_SECURITY_DOMAIN_UPDATE_1=<type=SECURITY_DOMAIN_UPDATE>:[AuditEvent=SECURITY_DOMAIN_UPDATE][SubjectID={0}][Outcome={1}][ParamNameValPairs={2}] security domain update
|
|
|
86bca3 |
+#
|
|
|
86bca3 |
+# Event: SELFTESTS_EXECUTION
|
|
|
86bca3 |
+# Description: This event is used when self tests are run.
|
|
|
86bca3 |
# Applicable subsystems: CA, KRA, OCSP, TKS, TPS
|
|
|
86bca3 |
# Enabled by default: Yes
|
|
|
86bca3 |
-# Outcome should always be "success" in this event
|
|
|
86bca3 |
-# AuthMgr must be the authentication manager instance name that did
|
|
|
86bca3 |
-# this authentication
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID: $System$
|
|
|
86bca3 |
+# - Outcome:
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_AUTH_SUCCESS=<type=AUTH>:[AuditEvent=AUTH]{0} authentication success
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_SELFTESTS_EXECUTION_2=<type=SELFTESTS_EXECUTION>:[AuditEvent=SELFTESTS_EXECUTION][SubjectID={0}][Outcome={1}] self tests execution (see selftests.log for details)
|
|
|
86bca3 |
+#########################################################################
|
|
|
86bca3 |
+# Available Audit Events - Enabled by default: Yes
|
|
|
86bca3 |
+#########################################################################
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-# Event: CERT_PROFILE_APPROVAL
|
|
|
86bca3 |
-# - used when an agent approves/disapproves a certificate profile set by the
|
|
|
86bca3 |
-# administrator for automatic approval
|
|
|
86bca3 |
-# Applicable subsystems: CA
|
|
|
86bca3 |
+# Event: ASYMKEY_GENERATION_REQUEST
|
|
|
86bca3 |
+# Description: This event is used when asymmetric key generation request is made.
|
|
|
86bca3 |
+# Applicable subsystems: KRA
|
|
|
86bca3 |
# Enabled by default: Yes
|
|
|
86bca3 |
-# ProfileID must be one of the profiles defined by the administrator
|
|
|
86bca3 |
-# and to be approved by an agent
|
|
|
86bca3 |
-# Op must be "approve" or "disapprove"
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID:
|
|
|
86bca3 |
+# - Outcome:
|
|
|
86bca3 |
+# - GenerationRequestID:
|
|
|
86bca3 |
+# - ClientKeyID:
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_CERT_PROFILE_APPROVAL_4=<type=CERT_PROFILE_APPROVAL>:[AuditEvent=CERT_PROFILE_APPROVAL][SubjectID={0}][Outcome={1}][ProfileID={2}][Op={3}] certificate profile approval
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_ASYMKEY_GENERATION_REQUEST=<type=ASYMKEY_GENERATION_REQUEST>:[AuditEvent=ASYMKEY_GENERATION_REQUEST]{0} Asymkey generation request made
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-# Event: PROOF_OF_POSSESSION
|
|
|
86bca3 |
-# - used for proof of possession during certificate enrollment processing
|
|
|
86bca3 |
-# Applicable subsystems: CA
|
|
|
86bca3 |
+# Event: ASYMKEY_GENERATION_REQUEST_PROCESSED
|
|
|
86bca3 |
+# Description: This event is used when a request to generate asymmetric keys received by the KRA
|
|
|
86bca3 |
+# is processed.
|
|
|
86bca3 |
+# Applicable subsystems: KRA
|
|
|
86bca3 |
# Enabled by default: Yes
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID:
|
|
|
86bca3 |
+# - Outcome:
|
|
|
86bca3 |
+# - GenerationRequestID:
|
|
|
86bca3 |
+# - ClientKeyID:
|
|
|
86bca3 |
+# - KeyID:
|
|
|
86bca3 |
+# - FailureReason:
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_PROOF_OF_POSSESSION_3=<type=PROOF_OF_POSSESSION>:[AuditEvent=PROOF_OF_POSSESSION][SubjectID={0}][Outcome={1}][Info={2}] proof of possession
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_ASYMKEY_GEN_REQUEST_PROCESSED=<type=ASYMKEY_GENERATION_REQUEST_PROCESSED>:[AuditEvent=ASYMKEY_GENERATION_REQUEST_PROCESSED]{0} Asymkey generation request processed
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-# Event: CMC_PROOF_OF_IDENTIFICATION
|
|
|
86bca3 |
-# - used for proof of identification during CMC request processing
|
|
|
86bca3 |
+# Event: AUTHORITY_CONFIG
|
|
|
86bca3 |
+# Description: This event is used when configuring lightweight authorities.
|
|
|
86bca3 |
# Applicable subsystems: CA
|
|
|
86bca3 |
-# Enabled by default: No
|
|
|
86bca3 |
-# - In case of success, "SubjectID" is the actual identified identification;
|
|
|
86bca3 |
-# - In case of failure, "SubjectID" is the attempted identification
|
|
|
86bca3 |
+# Enabled by default: Yes
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID:
|
|
|
86bca3 |
+# - Outcome:
|
|
|
86bca3 |
+# - ParamNameValPairs: A name-value pair
|
|
|
86bca3 |
+# (where name and value are separated by the delimiter ;;)
|
|
|
86bca3 |
+# separated by + (if more than one name-value pair) of config params changed.
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_CMC_PROOF_OF_IDENTIFICATION_3=<type=CMC_PROOF_OF_IDENTIFICATION>:[AuditEvent=CMC_PROOF_OF_IDENTIFICATION][SubjectID={0}][Outcome={1}][Info={2}] proof of identification in CMC request
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_AUTHORITY_CONFIG_3=<type=AUTHORITY_CONFIG>:[AuditEvent=AUTHORITY_CONFIG][SubjectID={0}][Outcome={1}][ParamNameValPairs={2}] lightweight authority configuration change
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-# Event: CMC_ID_POP_LINK_WITNESS
|
|
|
86bca3 |
-# - used for identification and POP linking verification during CMC request processing
|
|
|
86bca3 |
-# Applicable subsystems: CA
|
|
|
86bca3 |
-# Enabled by default: No
|
|
|
86bca3 |
+# Event: CONFIG_ENCRYPTION
|
|
|
86bca3 |
+# Description: This event is used when configuring encryption (cert settings and SSL cipher preferences).
|
|
|
86bca3 |
+# Applicable subsystems: CA, KRA, OCSP, TKS, TPS
|
|
|
86bca3 |
+# Enabled by default: Yes
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID:
|
|
|
86bca3 |
+# - Outcome:
|
|
|
86bca3 |
+# - ParamNameValPairs: A name-value pair
|
|
|
86bca3 |
+# (where name and value are separated by the delimiter ;;)
|
|
|
86bca3 |
+# separated by + (if more than one name-value pair) of config params changed.
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_CMC_ID_POP_LINK_WITNESS_3=<type=CMC_ID_POP_LINK_WITNESS>:[AuditEvent=CMC_ID_POP_LINK_WITNESS][SubjectID={0}][Outcome={1}][Info={2}] Identification Proof of Possession linking witness verification
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_CONFIG_ENCRYPTION_3=<type=CONFIG_ENCRYPTION>:[AuditEvent=CONFIG_ENCRYPTION][SubjectID={0}][Outcome={1}][ParamNameValPairs={2}] encryption configuration parameter(s) change
|
|
|
86bca3 |
+#
|
|
|
86bca3 |
+# Event: CONFIG_TOKEN_AUTHENTICATOR
|
|
|
86bca3 |
+# Description: This event is used when configuring token authenticators.
|
|
|
86bca3 |
+# Applicable subsystems: TPS
|
|
|
86bca3 |
+# Enabled by default: Yes
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID:
|
|
|
86bca3 |
+# - Outcome:
|
|
|
86bca3 |
+# - OP:
|
|
|
86bca3 |
+# - Authenticator:
|
|
|
86bca3 |
+# - ParamNameValPairs: A name-value pair
|
|
|
86bca3 |
+# (where name and value are separated by the delimiter ;;)
|
|
|
86bca3 |
+# separated by + (if more than one name-value pair) of config params changed.
|
|
|
86bca3 |
+# --- secret component (password) MUST NOT be logged ---
|
|
|
86bca3 |
+# - Info: Error info for failed cases.
|
|
|
86bca3 |
+#
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_CONFIG_TOKEN_AUTHENTICATOR_6=<type=CONFIG_TOKEN_AUTHENTICATOR>:[AuditEvent=CONFIG_TOKEN_AUTHENTICATOR][SubjectID={0}][Outcome={1}][OP={2}][Authenticator={3}][ParamNameValPairs={4}][Info={5}] token authenticator configuration parameter(s) change
|
|
|
86bca3 |
+#
|
|
|
86bca3 |
+# Event: CONFIG_TOKEN_CONNECTOR
|
|
|
86bca3 |
+# Description: This event is used when configuring token connectors.
|
|
|
86bca3 |
+# Applicable subsystems: TPS
|
|
|
86bca3 |
+# Enabled by default: Yes
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID:
|
|
|
86bca3 |
+# - Outcome:
|
|
|
86bca3 |
+# - Service: can be any of the methods offered
|
|
|
86bca3 |
+# - Connector:
|
|
|
86bca3 |
+# - ParamNameValPairs: A name-value pair
|
|
|
86bca3 |
+# (where name and value are separated by the delimiter ;;)
|
|
|
86bca3 |
+# separated by + (if more than one name-value pair) of config params changed.
|
|
|
86bca3 |
+# --- secret component (password) MUST NOT be logged ---
|
|
|
86bca3 |
+# - Info: Error info for failed cases.
|
|
|
86bca3 |
+#
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_CONFIG_TOKEN_CONNECTOR_6=<type=CONFIG_TOKEN_CONNECTOR>:[AuditEvent=CONFIG_TOKEN_CONNECTOR][SubjectID={0}][Outcome={1}][Service={2}][Connector={3}][ParamNameValPairs={4}][Info={5}] token connector configuration parameter(s) change
|
|
|
86bca3 |
+#
|
|
|
86bca3 |
+# Event: CONFIG_TOKEN_MAPPING_RESOLVER
|
|
|
86bca3 |
+# Description: This event is used when configuring token mapping resolver.
|
|
|
86bca3 |
+# Applicable subsystems: TPS
|
|
|
86bca3 |
+# Enabled by default: Yes
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID: TPS administrator id
|
|
|
86bca3 |
+# - Outcome:
|
|
|
86bca3 |
+# - Service:
|
|
|
86bca3 |
+# - MappingResolverID:
|
|
|
86bca3 |
+# - ParamNameValPairs: A name-value pair
|
|
|
86bca3 |
+# (where name and value are separated by the delimiter ;;)
|
|
|
86bca3 |
+# separated by + (if more than one name-value pair) of config params changed.
|
|
|
86bca3 |
+# --- secret component (password) MUST NOT be logged ---
|
|
|
86bca3 |
+# - Info: Error info for failed cases.
|
|
|
86bca3 |
+#
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_CONFIG_TOKEN_MAPPING_RESOLVER_6=<type=CONFIG_TOKEN_MAPPING_RESOLVER>:[AuditEvent=CONFIG_TOKEN_MAPPING_RESOLVER][SubjectID={0}][Outcome={1}][Service={2}][MappingResolverID={3}][ParamNameValPairs={4}][Info={5}] token mapping resolver configuration parameter(s) change
|
|
|
86bca3 |
+#
|
|
|
86bca3 |
+# Event: CONFIG_TOKEN_RECORD
|
|
|
86bca3 |
+# Description: This event is used when information in token record changed.
|
|
|
86bca3 |
+# Applicable subsystems: TPS
|
|
|
86bca3 |
+# Enabled by default: Yes
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID: TPS administrator id
|
|
|
86bca3 |
+# - Outcome:
|
|
|
86bca3 |
+# - OP: operation to add or delete token
|
|
|
86bca3 |
+# - TokenID: smart card unique id
|
|
|
86bca3 |
+# - ParamNameValPairs: A name-value pair
|
|
|
86bca3 |
+# (where name and value are separated by the delimiter ;;)
|
|
|
86bca3 |
+# separated by + (if more than one name-value pair) of config params changed.
|
|
|
86bca3 |
+# --- secret component (password) MUST NOT be logged ---
|
|
|
86bca3 |
+# - Info: in general is used for capturing error info for failed cases
|
|
|
86bca3 |
+#
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_CONFIG_TOKEN_RECORD_6=<type=CONFIG_TOKEN_RECORD>:[AuditEvent=CONFIG_TOKEN_RECORD][SubjectID={0}][Outcome={1}][OP={2}][TokenID={3}][ParamNameValPairs={4}][Info={5}] token record configuration parameter(s) change
|
|
|
86bca3 |
+#
|
|
|
86bca3 |
+# Event: KEY_GEN_ASYMMETRIC
|
|
|
86bca3 |
+# Description: This event is used when asymmetric keys are generated
|
|
|
86bca3 |
+# such as when CA certificate requests are generated,
|
|
|
86bca3 |
+# e.g. CA certificate change over, renewal with new key.
|
|
|
86bca3 |
+# Applicable subsystems: CA, KRA, OCSP, TKS, TPS
|
|
|
86bca3 |
+# Enabled by default: Yes
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID:
|
|
|
86bca3 |
+# - Outcome:
|
|
|
86bca3 |
+# - PubKey: The base-64 encoded public key material.
|
|
|
86bca3 |
+#
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_KEY_GEN_ASYMMETRIC_3=<type=KEY_GEN_ASYMMETRIC>:[AuditEvent=KEY_GEN_ASYMMETRIC][SubjectID={0}][Outcome={1}][PubKey={2}] asymmetric key generation
|
|
|
86bca3 |
+#
|
|
|
86bca3 |
+# Event: LOG_PATH_CHANGE
|
|
|
86bca3 |
+# Description: This event is used when log file name (including any path changes) for any of
|
|
|
86bca3 |
+# audit, system, transaction, or other customized log file change is attempted.
|
|
|
86bca3 |
+# The ACL should not allow this operation, but make sure it's written after the attempt.
|
|
|
86bca3 |
+# Applicable subsystems: CA, KRA, OCSP, TKS, TPS
|
|
|
86bca3 |
+# Enabled by default: Yes
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID: administrator user id
|
|
|
86bca3 |
+# - Outcome:
|
|
|
86bca3 |
+# - LogType: "System", "Transaction", or "SignedAudit"
|
|
|
86bca3 |
+# - toLogFile: The name (including any path changes) that the user is
|
|
|
86bca3 |
+# attempting to change to.
|
|
|
86bca3 |
+#
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_LOG_PATH_CHANGE_4=<type=LOG_PATH_CHANGE>:[AuditEvent=LOG_PATH_CHANGE][SubjectID={0}][Outcome={1}][LogType={2}][toLogFile={3}] log path change attempt
|
|
|
86bca3 |
+#
|
|
|
86bca3 |
+# Event: RANDOM_GENERATION
|
|
|
86bca3 |
+# Description: This event is used when a random number generation is complete.
|
|
|
86bca3 |
+# Applicable subsystems: CA, KRA, OCSP, TKS, TPS
|
|
|
86bca3 |
+# Enabled by default: Yes
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID:
|
|
|
86bca3 |
+# - Outcome: "Success" when a random number is generated successfully, "Failure" otherwise.
|
|
|
86bca3 |
+# - Info:
|
|
|
86bca3 |
+# - Caller: PKI code that calls the random number generator.
|
|
|
86bca3 |
+# - Size: Size of random number in bytes.
|
|
|
86bca3 |
+# - FailureReason:
|
|
|
86bca3 |
+#
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_RANDOM_GENERATION=<type=RANDOM_GENERATION>:[AuditEvent=RANDOM_GENERATION]{0} Random number generation
|
|
|
86bca3 |
#
|
|
|
86bca3 |
# Event: SCHEDULE_CRL_GENERATION
|
|
|
86bca3 |
-# - used when CRL generation is scheduled
|
|
|
86bca3 |
+# Description: This event is used when CRL generation is scheduled.
|
|
|
86bca3 |
# Applicable subsystems: CA
|
|
|
86bca3 |
-# Enabled by default: No
|
|
|
86bca3 |
-# Outcome is "success" when CRL generation is scheduled successfully, "failure" otherwise
|
|
|
86bca3 |
+# Enabled by default: Yes
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID:
|
|
|
86bca3 |
+# - Outcome: "Success" when CRL generation is scheduled successfully, "Failure" otherwise.
|
|
|
86bca3 |
+# - FailureReason:
|
|
|
86bca3 |
#
|
|
|
86bca3 |
LOGGING_SIGNED_AUDIT_SCHEDULE_CRL_GENERATION=<type=SCHEDULE_CRL_GENERATION>:[AuditEvent=SCHEDULE_CRL_GENERATION]{0} schedule for CRL generation
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-# Event: DELTA_CRL_GENERATION
|
|
|
86bca3 |
-# - used when delta CRL generation is complete
|
|
|
86bca3 |
-# Applicable subsystems: CA
|
|
|
86bca3 |
+# Event: SECURITY_DATA_ARCHIVAL_REQUEST
|
|
|
86bca3 |
+# Description: This event is used when security data recovery request is made.
|
|
|
86bca3 |
+# Applicable subsystems: KRA
|
|
|
86bca3 |
# Enabled by default: Yes
|
|
|
86bca3 |
-# Outcome is "success" when delta CRL is generated successfully, "failure" otherwise
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID:
|
|
|
86bca3 |
+# - Outcome:
|
|
|
86bca3 |
+# - ArchivalRequestID: The requestID provided by the CA through the connector.
|
|
|
86bca3 |
+# It is used to track the request through from CA to KRA.
|
|
|
86bca3 |
+# - RequestId: The KRA archival request ID.
|
|
|
86bca3 |
+# - ClientKeyID: The user supplied client ID associated with
|
|
|
86bca3 |
+# the security data to be archived.
|
|
|
86bca3 |
+# - FailureReason:
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_DELTA_CRL_GENERATION=<type=DELTA_CRL_GENERATION>:[AuditEvent=DELTA_CRL_GENERATION]{0} Delta CRL generation
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_SECURITY_DATA_ARCHIVAL_REQUEST=<type=SECURITY_DATA_ARCHIVAL_REQUEST>:[AuditEvent=SECURITY_DATA_ARCHIVAL_REQUEST]{0} security data archival request made
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-# Event: DELTA_CRL_PUBLISHING
|
|
|
86bca3 |
-# - used when delta CRL publishing is complete
|
|
|
86bca3 |
-# Applicable subsystems: CA
|
|
|
86bca3 |
-# Enabled by default: No
|
|
|
86bca3 |
-# Outcome is "success" when delta CRL is publishing successfully, "failure" otherwise
|
|
|
86bca3 |
+# Event: SECURITY_DATA_ARCHIVAL_REQUEST_PROCESSED
|
|
|
86bca3 |
+# Description: This event is used when user security data archive request is processed.
|
|
|
86bca3 |
+# This is when KRA receives and processed the request.
|
|
|
86bca3 |
+# Applicable subsystems: KRA
|
|
|
86bca3 |
+# Enabled by default: Yes
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID:
|
|
|
86bca3 |
+# - Outcome:
|
|
|
86bca3 |
+# - ArchivalRequestID: The requestID provided by the CA through the connector.
|
|
|
86bca3 |
+# It is used to track the request through from CA to KRA.
|
|
|
86bca3 |
+# - RequestId: The KRA archival request ID.
|
|
|
86bca3 |
+# - ClientKeyID: The user supplied client ID associated with
|
|
|
86bca3 |
+# the security data to be archived.
|
|
|
86bca3 |
+# - KeyID:
|
|
|
86bca3 |
+# - PubKey:
|
|
|
86bca3 |
+# - FailureReason:
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_DELTA_CRL_PUBLISHING=<type=DELTA_CRL_PUBLISHING>:[AuditEvent=DELTA_CRL_PUBLISHING]{0} Delta CRL publishing
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_SECURITY_DATA_ARCHIVAL_REQUEST_PROCESSED=<type=SECURITY_DATA_ARCHIVAL_REQUEST_PROCESSED>:[AuditEvent=SECURITY_DATA_ARCHIVAL_REQUEST_PROCESSED]{0} security data archival request processed
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-# Event: FULL_CRL_GENERATION
|
|
|
86bca3 |
-# - used when full CRL generation is complete
|
|
|
86bca3 |
-# Applicable subsystems: CA
|
|
|
86bca3 |
+# Event: SECURITY_DATA_RECOVERY_REQUEST
|
|
|
86bca3 |
+# Description: This event is used when security data recovery request is made.
|
|
|
86bca3 |
+# Applicable subsystems: KRA
|
|
|
86bca3 |
# Enabled by default: Yes
|
|
|
86bca3 |
-# Outcome is "success" when full CRL is generated successfully, "failure" otherwise
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID:
|
|
|
86bca3 |
+# - Outcome:
|
|
|
86bca3 |
+# - RecoveryID: The recovery request ID.
|
|
|
86bca3 |
+# - DataID: The ID of the security data being requested to be recovered.
|
|
|
86bca3 |
+# - PubKey:
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_FULL_CRL_GENERATION=<type=FULL_CRL_GENERATION>:[AuditEvent=FULL_CRL_GENERATION]{0} Full CRL generation
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_SECURITY_DATA_RECOVERY_REQUEST=<type=SECURITY_DATA_RECOVERY_REQUEST>:[AuditEvent=SECURITY_DATA_RECOVERY_REQUEST]{0} security data recovery request made
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-# Event: FULL_CRL_PUBLISHING
|
|
|
86bca3 |
-# - used when full CRL publishing is complete
|
|
|
86bca3 |
-# Applicable subsystems: CA
|
|
|
86bca3 |
-# Enabled by default: No
|
|
|
86bca3 |
-# Outcome is "success" when full CRL is publishing successfully, "failure" otherwise
|
|
|
86bca3 |
+# Event: SECURITY_DATA_RECOVERY_REQUEST_PROCESSED
|
|
|
86bca3 |
+# Description: This event is used when security data recovery request is processed.
|
|
|
86bca3 |
+# Applicable subsystems: KRA
|
|
|
86bca3 |
+# Enabled by default: Yes
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID:
|
|
|
86bca3 |
+# - Outcome:
|
|
|
86bca3 |
+# - RecoveryID: The recovery request ID.
|
|
|
86bca3 |
+# - KeyID: The ID of the security data being requested to be recovered.
|
|
|
86bca3 |
+# - RecoveryAgents: The UIDs of the recovery agents approving this request.
|
|
|
86bca3 |
+# - FailureReason:
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_FULL_CRL_PUBLISHING=<type=FULL_CRL_PUBLISHING>:[AuditEvent=FULL_CRL_PUBLISHING]{0} Full CRL publishing
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_SECURITY_DATA_RECOVERY_REQUEST_PROCESSED=<type=SECURITY_DATA_RECOVERY_REQUEST_PROCESSED>:[AuditEvent=SECURITY_DATA_RECOVERY_REQUEST_PROCESSED]{0} security data recovery request processed
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-# Event: CRL_RETRIEVAL
|
|
|
86bca3 |
-# - used when CRLs are retrieved by the OCSP Responder
|
|
|
86bca3 |
-# Applicable subsystems: OCSP
|
|
|
86bca3 |
-# Enabled by default: No
|
|
|
86bca3 |
-# Outcome is "success" when CRL is retrieved successfully, "failure" otherwise
|
|
|
86bca3 |
-# CRLnum is the CRL number that identifies the CRL
|
|
|
86bca3 |
+# Event: SECURITY_DATA_RECOVERY_REQUEST_STATE_CHANGE
|
|
|
86bca3 |
+# Description: This event is used when KRA agents login as recovery agents to change
|
|
|
86bca3 |
+# the state of key recovery requests.
|
|
|
86bca3 |
+# Applicable subsystems: KRA
|
|
|
86bca3 |
+# Enabled by default: Yes
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID:
|
|
|
86bca3 |
+# - Outcome:
|
|
|
86bca3 |
+# - RecoveryID: The recovery request ID.
|
|
|
86bca3 |
+# - Operation: The operation performed (approve, reject, cancel etc.).
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_CRL_RETRIEVAL_3=<type=CRL_RETRIEVAL>:[AuditEvent=CRL_RETRIEVAL][SubjectID={0}][Outcome={1}][CRLnum={2}] CRL retrieval
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_SECURITY_DATA_RECOVERY_REQUEST_STATE_CHANGE=<type=SECURITY_DATA_RECOVERY_REQUEST_STATE_CHANGE>:[AuditEvent=SECURITY_DATA_RECOVERY_REQUEST_STATE_CHANGE]{0} security data recovery request state change
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-# Event: CRL_VALIDATION
|
|
|
86bca3 |
-# - used when CRL is retrieved and validation process occurs
|
|
|
86bca3 |
-# Applicable subsystems: OCSP
|
|
|
86bca3 |
-# Enabled by default: No
|
|
|
86bca3 |
+# Event: SERVER_SIDE_KEYGEN_REQUEST
|
|
|
86bca3 |
+# Description: This event is used when server-side key generation request is made.
|
|
|
86bca3 |
+# This is for token keys.
|
|
|
86bca3 |
+# Applicable subsystems: CA, KRA, OCSP, TKS, TPS
|
|
|
86bca3 |
+# Enabled by default: Yes
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID:
|
|
|
86bca3 |
+# - Outcome:
|
|
|
86bca3 |
+# - EntityID: The representation of the subject that will be on the certificate when issued.
|
|
|
86bca3 |
+# - RequestID:
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_CRL_VALIDATION_2=<type=CRL_VALIDATION>:[AuditEvent=CRL_VALIDATION][SubjectID={0}][Outcome={1}] CRL validation
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_SERVER_SIDE_KEYGEN_REQUEST=<type=SERVER_SIDE_KEYGEN_REQUEST>:[AuditEvent=SERVER_SIDE_KEYGEN_REQUEST]{0} server-side key generation request
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-# Event: OCSP_ADD_CA_REQUEST
|
|
|
86bca3 |
-# - used when a CA is attempted to be added to the OCSP Responder
|
|
|
86bca3 |
-# Applicable subsystems: OCSP
|
|
|
86bca3 |
-# Enabled by default: No
|
|
|
86bca3 |
-# Outcome is "success" as the request is made
|
|
|
86bca3 |
-# CA must be the base-64 encoded PKCS7 certificate (or chain)
|
|
|
86bca3 |
+# Event: SERVER_SIDE_KEYGEN_REQUEST_PROCESSED
|
|
|
86bca3 |
+# Description: This event is used when server-side key generation request has been processed.
|
|
|
86bca3 |
+# This is for token keys.
|
|
|
86bca3 |
+# Applicable subsystems: CA, KRA, OCSP, TKS, TPS
|
|
|
86bca3 |
+# Enabled by default: Yes
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID:
|
|
|
86bca3 |
+# - Outcome:
|
|
|
86bca3 |
+# - EntityID: The representation of the subject that will be on the certificate when issued.
|
|
|
86bca3 |
+# - RequestID:
|
|
|
86bca3 |
+# - PubKey: The base-64 encoded public key associated with
|
|
|
86bca3 |
+# the private key to be archived.
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_OCSP_ADD_CA_REQUEST=<type=OCSP_ADD_CA_REQUEST>:[AuditEvent=OCSP_ADD_CA_REQUEST]{0} request to add a CA for OCSP Responder
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_SERVER_SIDE_KEYGEN_REQUEST_PROCESSED=<type=SERVER_SIDE_KEYGEN_REQUEST_PROCESSED>:[AuditEvent=SERVER_SIDE_KEYGEN_REQUEST_PROCESSED]{0} server-side key generation request processed
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-# Event: OCSP_ADD_CA_REQUEST_PROCESSED
|
|
|
86bca3 |
-# - used when an add CA request to the OCSP Responder is processed
|
|
|
86bca3 |
-# Applicable subsystems: OCSP
|
|
|
86bca3 |
+# Event: SYMKEY_GENERATION_REQUEST
|
|
|
86bca3 |
+# Description: This event is used when symmetric key generation request is made.
|
|
|
86bca3 |
+# Applicable subsystems: KRA
|
|
|
86bca3 |
# Enabled by default: Yes
|
|
|
86bca3 |
-# Outcome is "success" when CA is added successfully, "failure" otherwise
|
|
|
86bca3 |
-# CASubjectDN is the subject DN of the leaf CA cert in the chain
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID:
|
|
|
86bca3 |
+# - Outcome:
|
|
|
86bca3 |
+# - GenerationRequestID:
|
|
|
86bca3 |
+# - ClientKeyID: The ID of the symmetric key to be generated and archived.
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_OCSP_ADD_CA_REQUEST_PROCESSED=<type=OCSP_ADD_CA_REQUEST_PROCESSED>:[AuditEvent=OCSP_ADD_CA_REQUEST_PROCESSED]{0} Add CA for OCSP Responder
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_SYMKEY_GENERATION_REQUEST=<type=SYMKEY_GENERATION_REQUEST>:[AuditEvent=SYMKEY_GENERATION_REQUEST]{0} symkey generation request made
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-# Event: OCSP_REMOVE_CA_REQUEST
|
|
|
86bca3 |
-# - used when a CA is attempted to be removed from the OCSP Responder
|
|
|
86bca3 |
-# Applicable subsystems: OCSP
|
|
|
86bca3 |
-# Enabled by default: No
|
|
|
86bca3 |
-# Outcome is "success" as the request is made
|
|
|
86bca3 |
-# CA must be the DN id of the CA
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_OCSP_REMOVE_CA_REQUEST=<type=OCSP_REMOVE_CA_REQUEST>:[AuditEvent=OCSP_REMOVE_CA_REQUEST]{0} request to remove a CA from OCSP Responder
|
|
|
86bca3 |
+# Event: SYMKEY_GENERATION_REQUEST_PROCESSED
|
|
|
86bca3 |
+# Description: This event is used when symmetric key generation request is processed.
|
|
|
86bca3 |
+# This is when KRA receives and processes the request.
|
|
|
86bca3 |
+# Applicable subsystems: KRA
|
|
|
86bca3 |
+# Enabled by default: Yes
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID:
|
|
|
86bca3 |
+# - Outcome:
|
|
|
86bca3 |
+# - GenerationRequestID:
|
|
|
86bca3 |
+# - ClientKeyID: The user supplied client ID associated with
|
|
|
86bca3 |
+# the symmetric key to be generated and archived.
|
|
|
86bca3 |
+# - KeyID:
|
|
|
86bca3 |
+# - FailureReason:
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-# Event: OCSP_REMOVE_CA_REQUEST_PROCESSED with [Outcome=Success]
|
|
|
86bca3 |
-# - used when a remove CA request to the OCSP Responder is processed successfully
|
|
|
86bca3 |
-# Applicable subsystems: OCSP
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_SYMKEY_GEN_REQUEST_PROCESSED=<type=SYMKEY_GENERATION_REQUEST_PROCESSED>:[AuditEvent=SYMKEY_GENERATION_REQUEST_PROCESSED]{0} symkey generation request processed
|
|
|
86bca3 |
+#
|
|
|
86bca3 |
+# Event: TOKEN_APPLET_UPGRADE with [Outcome=Failure]
|
|
|
86bca3 |
+# Description: This event is used when token apple upgrade failed.
|
|
|
86bca3 |
+# Applicable subsystems: TPS
|
|
|
86bca3 |
# Enabled by default: Yes
|
|
|
86bca3 |
-# Outcome is "success" when CA is removed successfully, "failure" otherwise
|
|
|
86bca3 |
-# CASubjectDN is the subject DN of the leaf CA cert in the chain
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID:
|
|
|
86bca3 |
+# - Outcome:
|
|
|
86bca3 |
+# - IP:
|
|
|
86bca3 |
+# - CUID:
|
|
|
86bca3 |
+# - MSN:
|
|
|
86bca3 |
+# - KeyVersion:
|
|
|
86bca3 |
+# - oldAppletVersion:
|
|
|
86bca3 |
+# - newAppletVersion:
|
|
|
86bca3 |
+# - Info:
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_OCSP_REMOVE_CA_REQUEST_PROCESSED_SUCCESS=<type=OCSP_REMOVE_CA_REQUEST_PROCESSED>:[AuditEvent=OCSP_REMOVE_CA_REQUEST_PROCESSED]{0} Remove CA for OCSP Responder is successful
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_TOKEN_APPLET_UPGRADE_FAILURE=<type=TOKEN_APPLET_UPGRADE>:[AuditEvent=TOKEN_APPLET_UPGRADE]{0} token applet upgrade failure
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-# Event: OCSP_REMOVE_CA_REQUEST_PROCESSED with [Outcome=Failure]
|
|
|
86bca3 |
-# - used when a remove CA request to the OCSP Responder is processed and failed
|
|
|
86bca3 |
-# Applicable subsystems: OCSP
|
|
|
86bca3 |
+# Event: TOKEN_APPLET_UPGRADE with [Outcome=Success]
|
|
|
86bca3 |
+# Description: This event is used when token apple upgrade succeeded.
|
|
|
86bca3 |
+# Applicable subsystems: TPS
|
|
|
86bca3 |
# Enabled by default: Yes
|
|
|
86bca3 |
-# Outcome is "failure"
|
|
|
86bca3 |
-# CASubjectDN is DN ID of the CA
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID:
|
|
|
86bca3 |
+# - Outcome:
|
|
|
86bca3 |
+# - IP:
|
|
|
86bca3 |
+# - CUID:
|
|
|
86bca3 |
+# - MSN:
|
|
|
86bca3 |
+# - KeyVersion:
|
|
|
86bca3 |
+# - oldAppletVersion:
|
|
|
86bca3 |
+# - newAppletVersion:
|
|
|
86bca3 |
+# - Info:
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_OCSP_REMOVE_CA_REQUEST_PROCESSED_FAILURE=<type=OCSP_REMOVE_CA_REQUEST_PROCESSED>:[AuditEvent=OCSP_REMOVE_CA_REQUEST_PROCESSED]{0} Remove CA for OCSP Responder has failed
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_TOKEN_APPLET_UPGRADE_SUCCESS=<type=TOKEN_APPLET_UPGRADE>:[AuditEvent=TOKEN_APPLET_UPGRADE]{0} token applet upgrade success
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-# Event: OCSP_GENERATION
|
|
|
86bca3 |
-# - used when an OCSP response generated is complete
|
|
|
86bca3 |
-# Applicable subsystems: CA, OCSP
|
|
|
86bca3 |
+# Event: TOKEN_KEY_CHANGEOVER with [Outcome=Failure]
|
|
|
86bca3 |
+# Description: This event is used when token key changeover failed.
|
|
|
86bca3 |
+# Applicable subsystems: TPS
|
|
|
86bca3 |
# Enabled by default: Yes
|
|
|
86bca3 |
-# Outcome is "success" when OCSP response is generated successfully, "failure" otherwise
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID:
|
|
|
86bca3 |
+# - Outcome:
|
|
|
86bca3 |
+# - IP:
|
|
|
86bca3 |
+# - CUID:
|
|
|
86bca3 |
+# - MSN:
|
|
|
86bca3 |
+# - tokenType:
|
|
|
86bca3 |
+# - AppletVersion:
|
|
|
86bca3 |
+# - oldKeyVersion:
|
|
|
86bca3 |
+# - newKeyVersion:
|
|
|
86bca3 |
+# - Info: Info in case of failure.
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_OCSP_GENERATION=<type=OCSP_GENERATION>:[AuditEvent=OCSP_GENERATION]{0} OCSP response generation
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_TOKEN_KEY_CHANGEOVER_FAILURE=<type=TOKEN_KEY_CHANGEOVER>:[AuditEvent=TOKEN_KEY_CHANGEOVER]{0} token key changeover failure
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-# Event: RANDOM_GENERATION
|
|
|
86bca3 |
-# - used when a random number generation is complete
|
|
|
86bca3 |
-# Applicable subsystems: CA, KRA, OCSP, TKS, TPS
|
|
|
86bca3 |
+# Event: TOKEN_KEY_CHANGEOVER with [Outcome=Success]
|
|
|
86bca3 |
+# Description: This event is used when token key changeover succeeded.
|
|
|
86bca3 |
+# Applicable subsystems: TPS
|
|
|
86bca3 |
# Enabled by default: Yes
|
|
|
86bca3 |
-# Info:
|
|
|
86bca3 |
-# - Caller is PKI code that calls the random number generator
|
|
|
86bca3 |
-# - Size is size of random number in bytes
|
|
|
86bca3 |
-# Outcome is "success" when a random number is generated successfully, "failure" otherwise
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_RANDOM_GENERATION=<type=RANDOM_GENERATION>:[AuditEvent=RANDOM_GENERATION]{0} Random number generation
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID:
|
|
|
86bca3 |
+# - Outcome:
|
|
|
86bca3 |
+# - IP:
|
|
|
86bca3 |
+# - CUID:
|
|
|
86bca3 |
+# - MSN:
|
|
|
86bca3 |
+# - tokenType:
|
|
|
86bca3 |
+# - AppletVersion:
|
|
|
86bca3 |
+# - oldKeyVersion:
|
|
|
86bca3 |
+# - newKeyVersion:
|
|
|
86bca3 |
+# - Info: Usually is unused for success.
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-# Event: CMC_SIGNED_REQUEST_SIG_VERIFY
|
|
|
86bca3 |
-# - used when agent signed CMC certificate requests or revocation requests
|
|
|
86bca3 |
-# are submitted and signature is verified
|
|
|
86bca3 |
-# Applicable subsystems: CA
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_TOKEN_KEY_CHANGEOVER_SUCCESS=<type=TOKEN_KEY_CHANGEOVER>:[AuditEvent=TOKEN_KEY_CHANGEOVER]{0} token key changeover success
|
|
|
86bca3 |
+#
|
|
|
86bca3 |
+# Event: TOKEN_KEY_CHANGEOVER_REQUIRED
|
|
|
86bca3 |
+# Description: This event is used when token key changeover is required.
|
|
|
86bca3 |
+# Applicable subsystems: TPS
|
|
|
86bca3 |
# Enabled by default: Yes
|
|
|
86bca3 |
-# ReqType must be the request type (enrollment, or revocation)
|
|
|
86bca3 |
-# CertSubject must be the certificate subject name of the certificate request
|
|
|
86bca3 |
-# SignerInfo must be a unique String representation for the signer
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID:
|
|
|
86bca3 |
+# - Outcome:
|
|
|
86bca3 |
+# - IP:
|
|
|
86bca3 |
+# - CUID:
|
|
|
86bca3 |
+# - MSN:
|
|
|
86bca3 |
+# - tokenType:
|
|
|
86bca3 |
+# - AppletVersion:
|
|
|
86bca3 |
+# - oldKeyVersion:
|
|
|
86bca3 |
+# - newKeyVersion:
|
|
|
86bca3 |
+# - Info:
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_CMC_SIGNED_REQUEST_SIG_VERIFY=<type=CMC_SIGNED_REQUEST_SIG_VERIFY>:[AuditEvent=CMC_SIGNED_REQUEST_SIG_VERIFY]{0} agent signed CMC request signature verification
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_TOKEN_KEY_CHANGEOVER_REQUIRED_10=<type=TOKEN_KEY_CHANGEOVER_REQUIRED>:[AuditEvent=TOKEN_KEY_CHANGEOVER_REQUIRED][IP={0}][SubjectID={1}][CUID={2}][MSN={3}][Outcome={4}][tokenType={5}][AppletVersion={6}][oldKeyVersion={7}][newKeyVersion={8}][Info={9}] token key changeover required
|
|
|
86bca3 |
+#########################################################################
|
|
|
86bca3 |
+# Available Audit Events - Enabled by default: No
|
|
|
86bca3 |
+#########################################################################
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-# Event: CMC_USER_SIGNED_REQUEST_SIG_VERIFY
|
|
|
86bca3 |
-# - used when CMC (user-signed or self-signed) certificate requests or revocation requests
|
|
|
86bca3 |
-# are submitted and signature is verified
|
|
|
86bca3 |
+# Event: AUDIT_LOG_DELETE
|
|
|
86bca3 |
+# Description: This event is used AFTER audit log gets expired.
|
|
|
86bca3 |
+# The ACL should not allow this operation, but it is provided in case ACL gets compromised.
|
|
|
86bca3 |
+# Make sure it is written AFTER the log expiration happens.
|
|
|
86bca3 |
+# Applicable subsystems: CA, KRA, OCSP, TKS, TPS
|
|
|
86bca3 |
+# Enabled by default: No
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID:
|
|
|
86bca3 |
+# - Outcome:
|
|
|
86bca3 |
+# - LogFile: The complete name (including the path) of the
|
|
|
86bca3 |
+# signedAudit log that is attempted to be deleted.
|
|
|
86bca3 |
+#
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_LOG_DELETE_3=<type=AUDIT_LOG_DELETE>:[AuditEvent=AUDIT_LOG_DELETE][SubjectID={0}][Outcome={1}][LogFile={2}] signedAudit log deletion
|
|
|
86bca3 |
+#
|
|
|
86bca3 |
+# Event: AUDIT_LOG_SHUTDOWN
|
|
|
86bca3 |
+# Description: This event is used at audit function shutdown.
|
|
|
86bca3 |
+# Applicable subsystems: CA, KRA, OCSP, TKS, TPS
|
|
|
86bca3 |
+# Enabled by default: No
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID:
|
|
|
86bca3 |
+# - Outcome:
|
|
|
86bca3 |
+#
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_AUDIT_LOG_SHUTDOWN_2=<type=AUDIT_LOG_SHUTDOWN>:[AuditEvent=AUDIT_LOG_SHUTDOWN][SubjectID={0}][Outcome={1}] audit function shutdown
|
|
|
86bca3 |
+#
|
|
|
86bca3 |
+# Event: CIMC_CERT_VERIFICATION
|
|
|
86bca3 |
+# Description: This event is used for verifying CS system certificates.
|
|
|
86bca3 |
+# Applicable subsystems: CA, KRA, OCSP, TKS, TPS
|
|
|
86bca3 |
+# Enabled by default: No
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID:
|
|
|
86bca3 |
+# - Outcome:
|
|
|
86bca3 |
+# - CertNickName: The certificate nickname.
|
|
|
86bca3 |
+#
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_CIMC_CERT_VERIFICATION_3=<type=CIMC_CERT_VERIFICATION>:[AuditEvent=CIMC_CERT_VERIFICATION][SubjectID={0}][Outcome={1}][CertNickName={2}] CS certificate verification
|
|
|
86bca3 |
+#
|
|
|
86bca3 |
+# Event: CMC_ID_POP_LINK_WITNESS
|
|
|
86bca3 |
+# Description: This event is used for identification and POP linking verification during CMC request processing.
|
|
|
86bca3 |
# Applicable subsystems: CA
|
|
|
86bca3 |
-# Enabled by default: Yes
|
|
|
86bca3 |
-# ReqType must be the request type (enrollment, or revocation)
|
|
|
86bca3 |
-# CertSubject must be the certificate subject name of the certificate request
|
|
|
86bca3 |
-# CMCSignerInfo must be a unique String representation for the CMC request signer
|
|
|
86bca3 |
+# Enabled by default: No
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID:
|
|
|
86bca3 |
+# - Outcome:
|
|
|
86bca3 |
+# - Info:
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_CMC_USER_SIGNED_REQUEST_SIG_VERIFY_SUCCESS=<type=CMC_USER_SIGNED_REQUEST_SIG_VERIFY>:[AuditEvent=CMC_USER_SIGNED_REQUEST_SIG_VERIFY]{0} User signed CMC request signature verification success
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_CMC_USER_SIGNED_REQUEST_SIG_VERIFY_FAILURE=<type=CMC_USER_SIGNED_REQUEST_SIG_VERIFY>:[AuditEvent=CMC_USER_SIGNED_REQUEST_SIG_VERIFY]{0} User signed CMC request signature verification failure
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_CMC_ID_POP_LINK_WITNESS_3=<type=CMC_ID_POP_LINK_WITNESS>:[AuditEvent=CMC_ID_POP_LINK_WITNESS][SubjectID={0}][Outcome={1}][Info={2}] Identification Proof of Possession linking witness verification
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-# Event: COMPUTE_RANDOM_DATA_REQUEST
|
|
|
86bca3 |
-# - used for TPS to TKS to get random challenge data
|
|
|
86bca3 |
-# Applicable subsystems: TKS, TPS
|
|
|
86bca3 |
+# Event: CMC_PROOF_OF_IDENTIFICATION
|
|
|
86bca3 |
+# Description: This event is used for proof of identification during CMC request processing.
|
|
|
86bca3 |
+# Applicable subsystems: CA
|
|
|
86bca3 |
# Enabled by default: No
|
|
|
86bca3 |
-# AgentID must be the trusted agent id used to make the request
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID:
|
|
|
86bca3 |
+# In case of success, "SubjectID" is the actual identified identification.
|
|
|
86bca3 |
+# In case of failure, "SubjectID" is the attempted identification.
|
|
|
86bca3 |
+# - Outcome:
|
|
|
86bca3 |
+# - Info:
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_COMPUTE_RANDOM_DATA_REQUEST_2=<type=COMPUTE_RANDOM_DATA_REQUEST>:[AuditEvent=COMPUTE_RANDOM_DATA_REQUEST][Outcome={0}][AgentID={1}] TKS Compute random data request
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_CMC_PROOF_OF_IDENTIFICATION_3=<type=CMC_PROOF_OF_IDENTIFICATION>:[AuditEvent=CMC_PROOF_OF_IDENTIFICATION][SubjectID={0}][Outcome={1}][Info={2}] proof of identification in CMC request
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-# Event: COMPUTE_RANDOM_DATA_REQUEST_PROCESSED with [Outcome=Success]
|
|
|
86bca3 |
-# - used for TPS to TKS to get random challenge data
|
|
|
86bca3 |
+# Event: COMPUTE_RANDOM_DATA_REQUEST
|
|
|
86bca3 |
+# Description: This event is used when the request for TPS to TKS to get random challenge data is received.
|
|
|
86bca3 |
# Applicable subsystems: TKS, TPS
|
|
|
86bca3 |
# Enabled by default: No
|
|
|
86bca3 |
-# Outcome is SUCCESS or FAILURE
|
|
|
86bca3 |
-# Status is 0 for no error.
|
|
|
86bca3 |
-# AgentID must be the trusted agent id used to make the request
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_COMPUTE_RANDOM_DATA_REQUEST_PROCESSED_SUCCESS=<type=COMPUTE_RANDOM_DATA_REQUEST_PROCESSED>:[AuditEvent=COMPUTE_RANDOM_DATA_REQUEST_PROCESSED]{0} TKS Compute random data request processed successfully
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - Outcome:
|
|
|
86bca3 |
+# - AgentID: The trusted agent ID used to make the request.
|
|
|
86bca3 |
+#
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_COMPUTE_RANDOM_DATA_REQUEST_2=<type=COMPUTE_RANDOM_DATA_REQUEST>:[AuditEvent=COMPUTE_RANDOM_DATA_REQUEST][Outcome={0}][AgentID={1}] TKS Compute random data request
|
|
|
86bca3 |
#
|
|
|
86bca3 |
# Event: COMPUTE_RANDOM_DATA_REQUEST_PROCESSED with [Outcome=Failure]
|
|
|
86bca3 |
-# - used for TPS to TKS to get random challenge data
|
|
|
86bca3 |
+# Description: This event is used when the request for TPS to TKS to get random challenge data is processed unsuccessfully.
|
|
|
86bca3 |
# Applicable subsystems: TKS, TPS
|
|
|
86bca3 |
# Enabled by default: No
|
|
|
86bca3 |
-# Outcome is SUCCESS or FAILURE
|
|
|
86bca3 |
-# Status is 0 for no error.
|
|
|
86bca3 |
-# Error gives the error message
|
|
|
86bca3 |
-# AgentID must be the trusted agent id used to make the request
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - Outcome: Success or Failure.
|
|
|
86bca3 |
+# - Status: 0 for no error.
|
|
|
86bca3 |
+# - Error: The error message.
|
|
|
86bca3 |
+# - AgentID: The trusted agent ID used to make the request.
|
|
|
86bca3 |
#
|
|
|
86bca3 |
LOGGING_SIGNED_AUDIT_COMPUTE_RANDOM_DATA_REQUEST_PROCESSED_FAILURE=<type=COMPUTE_RANDOM_DATA_REQUEST_PROCESSED>:[AuditEvent=COMPUTE_RANDOM_DATA_REQUEST_PROCCESED]{0} TKS Compute random data request failed
|
|
|
86bca3 |
#
|
|
|
86bca3 |
+# Event: COMPUTE_RANDOM_DATA_REQUEST_PROCESSED with [Outcome=Success]
|
|
|
86bca3 |
+# Description: This event is used when the request for TPS to TKS to get random challenge data is processed successfully.
|
|
|
86bca3 |
+# Applicable subsystems: TKS, TPS
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - Outcome: Success or Failure.
|
|
|
86bca3 |
+# - Status: 0 for no error.
|
|
|
86bca3 |
+# - AgentID: The trusted agent ID used to make the request.
|
|
|
86bca3 |
+#
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_COMPUTE_RANDOM_DATA_REQUEST_PROCESSED_SUCCESS=<type=COMPUTE_RANDOM_DATA_REQUEST_PROCESSED>:[AuditEvent=COMPUTE_RANDOM_DATA_REQUEST_PROCESSED]{0} TKS Compute random data request processed successfully
|
|
|
86bca3 |
+#
|
|
|
86bca3 |
# Event: COMPUTE_SESSION_KEY_REQUEST
|
|
|
86bca3 |
-# - used for TPS to TKS to get a sessoin key for secure channel setup
|
|
|
86bca3 |
+# Description: This event is used when the request for TPS to TKS to get a session key for secure channel is received.
|
|
|
86bca3 |
# Applicable subsystems: TKS, TPS
|
|
|
86bca3 |
# Enabled by default: No
|
|
|
86bca3 |
-# SubjectID must be the CUID of the token establishing the secure channel
|
|
|
86bca3 |
-# AgentID must be the trusted agent id used to make the request
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - Outcome:
|
|
|
86bca3 |
+# - AgentID: The trusted agent ID used to make the request.
|
|
|
86bca3 |
## AC: KDF SPEC CHANGE - Need to log both the KDD and CUID, not just the
|
|
|
86bca3 |
## CUID. Renamed to "CUID_encoded" and "KDD_encoded" to reflect fact that
|
|
|
86bca3 |
## encoded parameters are being logged.
|
|
|
86bca3 |
-# CUID_encoded must be the special-encoded CUID of the token establishing the secure channel
|
|
|
86bca3 |
-# KDD_encoded must be the special-encoded KDD of the token establishing the secure channel
|
|
|
86bca3 |
+# - CUID_encoded: The special-encoded CUID of the token establishing the secure channel.
|
|
|
86bca3 |
+# - KDD_encoded: The special-encoded KDD of the token establishing the secure channel.
|
|
|
86bca3 |
#
|
|
|
86bca3 |
LOGGING_SIGNED_AUDIT_COMPUTE_SESSION_KEY_REQUEST_4=<type=COMPUTE_SESSION_KEY_REQUEST>:[AuditEvent=COMPUTE_SESSION_KEY_REQUEST][CUID_encoded={0}][KDD_encoded={1}][Outcome={2}][AgentID={3}] TKS Compute session key request
|
|
|
86bca3 |
#
|
|
|
86bca3 |
+# Event: COMPUTE_SESSION_KEY_REQUEST_PROCESSED with [Outcome=Failure]
|
|
|
86bca3 |
+# Description: This event is used when the request for TPS to TKS to get a session key for secure channel is processed unsuccessfully.
|
|
|
86bca3 |
+# Applicable subsystems: TKS, TPS
|
|
|
86bca3 |
+# Enabled by default: No
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - Outcome: Failure
|
|
|
86bca3 |
+# - status: Error code or 0 for no error.
|
|
|
86bca3 |
+# - AgentID: The trusted agent ID used to make the request.
|
|
|
86bca3 |
+# - IsCryptoValidate: tells if the card cryptogram is to be validated
|
|
|
86bca3 |
+# - IsServerSideKeygen: tells if the keys are to be generated on server
|
|
|
86bca3 |
+# - SelectedToken: The cryptographic token performing key operations.
|
|
|
86bca3 |
+# - KeyNickName: The numeric keyset, e.g. #01#01.
|
|
|
86bca3 |
+# - Error: The error message.
|
|
|
86bca3 |
+#
|
|
|
86bca3 |
+## AC: KDF SPEC CHANGE - Need to log both the KDD and CUID, not just the CUID. Renamed to "CUID_decoded" and "KDD_decoded" to reflect fact that decoded parameters are now logged.
|
|
|
86bca3 |
+## Also added TKSKeyset, KeyInfo_KeyVersion, NistSP800_108KdfOnKeyVersion, NistSP800_108KdfUseCuidAsKdd
|
|
|
86bca3 |
+# - CUID_decoded: The ASCII-HEX representation of the CUID of the token establishing the secure channel.
|
|
|
86bca3 |
+# - KDD_decoded: The ASCII-HEX representation of the KDD of the token establishing the secure channel.
|
|
|
86bca3 |
+# - TKSKeyset: The name of the TKS keyset being used for this request.
|
|
|
86bca3 |
+# - KeyInfo_KeyVersion: The key version number requested in hex.
|
|
|
86bca3 |
+# - NistSP800_108KdfOnKeyVersion: The value of the corresponding setting in hex.
|
|
|
86bca3 |
+# - NistSP800_108KdfUseCuidAsKdd: The value of the corresponding setting in hex.
|
|
|
86bca3 |
+#
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_COMPUTE_SESSION_KEY_REQUEST_PROCESSED_FAILURE=<type=COMPUTE_SESSION_KEY_REQUEST_PROCESSED>:[AuditEvent=COMPUTE_SESSION_KEY_REQUEST_PROCESSED]{0} TKS Compute session key request failed
|
|
|
86bca3 |
+#
|
|
|
86bca3 |
# Event: COMPUTE_SESSION_KEY_REQUEST_PROCESSED with [Outcome=Success]
|
|
|
86bca3 |
-# - request for TPS to TKS to get a sessoin key for secure channel processed
|
|
|
86bca3 |
+# Description: This event is used when the request for TPS to TKS to get a session key for secure channel is processed successfully.
|
|
|
86bca3 |
# Applicable subsystems: TKS, TPS
|
|
|
86bca3 |
# Enabled by default: No
|
|
|
86bca3 |
-# SubjectID must be the CUID of the token establishing the secure channel
|
|
|
86bca3 |
-# AgentID must be the trusted agent id used to make the request
|
|
|
86bca3 |
-# Outcome is SUCCESS or FAILURE
|
|
|
86bca3 |
-# Status is 0 for no error.
|
|
|
86bca3 |
-# IsCryptoValidate tells if the card cryptogram is to be validated
|
|
|
86bca3 |
-# IsServerSideKeygen tells if the keys are to be generated on server
|
|
|
86bca3 |
-# SelectedToken is the cryptographic token performing key operations
|
|
|
86bca3 |
-# KeyNickName is the number keyset ex: #01#01
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - AgentID: The trusted agent ID used to make the request.
|
|
|
86bca3 |
+# - Outcome: Success
|
|
|
86bca3 |
+# - status: 0 for no error.
|
|
|
86bca3 |
+# - IsCryptoValidate: tells if the card cryptogram is to be validated
|
|
|
86bca3 |
+# - IsServerSideKeygen: tells if the keys are to be generated on server
|
|
|
86bca3 |
+# - SelectedToken: The cryptographic token performing key operations.
|
|
|
86bca3 |
+# - KeyNickName: The number keyset, e.g. #01#01.
|
|
|
86bca3 |
#
|
|
|
86bca3 |
## AC: KDF SPEC CHANGE - Need to log both the KDD and CUID, not just the
|
|
|
86bca3 |
## CUID. Renamed to "CUID_decoded" and "KDD_decoded" to reflect fact
|
|
|
86bca3 |
## that decoded parameters are now logged.
|
|
|
86bca3 |
## Also added TKSKeyset, KeyInfo_KeyVersion,
|
|
|
86bca3 |
## NistSP800_108KdfOnKeyVersion, NistSP800_108KdfUseCuidAsKdd
|
|
|
86bca3 |
-# CUID_decoded must be the ASCII-HEX representation of the CUID of the token establishing the secure channel
|
|
|
86bca3 |
-# KDD_decoded must be the ASCII-HEX representation of the KDD of the token establishing the secure channel
|
|
|
86bca3 |
-# TKSKeyset is the name of the TKS keyset being used for this request.
|
|
|
86bca3 |
-# KeyInfo_KeyVersion is the key version number requested in hex.
|
|
|
86bca3 |
-# NistSP800_108KdfOnKeyVersion lists the value of the corresponding setting in hex.
|
|
|
86bca3 |
-# NistSP800_108KdfUseCuidAsKdd lists the value of the corresponding setting in hex.
|
|
|
86bca3 |
+# - CUID_decoded: The ASCII-HEX representation of the CUID of the token establishing the secure channel.
|
|
|
86bca3 |
+# - KDD_decoded: The ASCII-HEX representation of the KDD of the token establishing the secure channel.
|
|
|
86bca3 |
+# - TKSKeyset: The name of the TKS keyset being used for this request.
|
|
|
86bca3 |
+# - KeyInfo_KeyVersion: The key version number requested in hex.
|
|
|
86bca3 |
+# - NistSP800_108KdfOnKeyVersion: The value of the corresponding setting in hex.
|
|
|
86bca3 |
+# - NistSP800_108KdfUseCuidAsKdd: The value of the corresponding setting in hex.
|
|
|
86bca3 |
#
|
|
|
86bca3 |
LOGGING_SIGNED_AUDIT_COMPUTE_SESSION_KEY_REQUEST_PROCESSED_SUCCESS=<type=COMPUTE_SESSION_KEY_REQUEST_PROCESSED>:[AuditEvent=COMPUTE_SESSION_KEY_REQUEST_PROCESSED]{0} TKS Compute session key request processed successfully
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-# Event: COMPUTE_SESSION_KEY_REQUEST_PROCESSED with [Outcome=Failure]
|
|
|
86bca3 |
-# - request for TPS to TKS to get a sessoin key for secure channel processed
|
|
|
86bca3 |
-# Applicable subsystems: TKS, TPS
|
|
|
86bca3 |
+# Event: CONFIG_CERT_POLICY
|
|
|
86bca3 |
+# Description: This event is used when configuring certificate policy constraints and extensions.
|
|
|
86bca3 |
+# Applicable subsystems: CA
|
|
|
86bca3 |
# Enabled by default: No
|
|
|
86bca3 |
-# SubjectID must be the CUID of the token establishing the secure channel
|
|
|
86bca3 |
-# Outcome is SUCCESS or FAILURE
|
|
|
86bca3 |
-# Status is error code or 0 for no error.
|
|
|
86bca3 |
-# AgentID must be the trusted agent id used to make the request
|
|
|
86bca3 |
-# status is 0 for success, non-zero for various errors
|
|
|
86bca3 |
-# IsCryptoValidate tells if the card cryptogram is to be validated
|
|
|
86bca3 |
-# IsServerSideKeygen tells if the keys are to be generated on server
|
|
|
86bca3 |
-# SelectedToken is the cryptographic token performing key operations
|
|
|
86bca3 |
-# KeyNickName is the numeric keyset ex: #01#01
|
|
|
86bca3 |
-# Error gives the error message
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID:
|
|
|
86bca3 |
+# - Outcome:
|
|
|
86bca3 |
+# - ParamNameValPairs: A name-value pair
|
|
|
86bca3 |
+# (where name and value are separated by the delimiter ;;)
|
|
|
86bca3 |
+# separated by + (if more than one name-value pair) of config params changed.
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-## AC: KDF SPEC CHANGE - Need to log both the KDD and CUID, not just the CUID. Renamed to "CUID_decoded" and "KDD_decoded" to reflect fact that decoded parameters are now logged.
|
|
|
86bca3 |
-## Also added TKSKeyset, KeyInfo_KeyVersion, NistSP800_108KdfOnKeyVersion, NistSP800_108KdfUseCuidAsKdd
|
|
|
86bca3 |
-# CUID_decoded must be the ASCII-HEX representation of the CUID of the token establishing the secure channel
|
|
|
86bca3 |
-# KDD_decoded must be the ASCII-HEX representation of the KDD of the token establishing the secure channel
|
|
|
86bca3 |
-# TKSKeyset is the name of the TKS keyset being used for this request.
|
|
|
86bca3 |
-# KeyInfo_KeyVersion is the key version number requested in hex.
|
|
|
86bca3 |
-# NistSP800_108KdfOnKeyVersion lists the value of the corresponding setting in hex.
|
|
|
86bca3 |
-# NistSP800_108KdfUseCuidAsKdd lists the value of the corresponding setting in hex
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY_3=<type=CONFIG_CERT_POLICY>:[AuditEvent=CONFIG_CERT_POLICY][SubjectID={0}][Outcome={1}][ParamNameValPairs={2}] certificate policy constraint or extension configuration parameter(s) change
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_COMPUTE_SESSION_KEY_REQUEST_PROCESSED_FAILURE=<type=COMPUTE_SESSION_KEY_REQUEST_PROCESSED>:[AuditEvent=COMPUTE_SESSION_KEY_REQUEST_PROCESSED]{0} TKS Compute session key request failed
|
|
|
86bca3 |
+# Event: CONFIG_TOKEN_GENERAL
|
|
|
86bca3 |
+# Description: This event is used when doing general TPS configuration.
|
|
|
86bca3 |
+# Applicable subsystems: TPS
|
|
|
86bca3 |
+# Enabled by default: No
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID:
|
|
|
86bca3 |
+# - Outcome:
|
|
|
86bca3 |
+# - ParamNameValPairs: A name-value pair
|
|
|
86bca3 |
+# (where name and value are separated by the delimiter ;;)
|
|
|
86bca3 |
+# separated by + (if more than one name-value pair) of config params changed.
|
|
|
86bca3 |
+# --- secret component (password) MUST NOT be logged ---
|
|
|
86bca3 |
+# - Info: Error info for failed cases.
|
|
|
86bca3 |
+#
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_CONFIG_TOKEN_GENERAL_5=<type=CONFIG_TOKEN_GENERAL>:[AuditEvent=CONFIG_TOKEN_GENERAL][SubjectID={0}][Outcome={1}][Service={2}][ParamNameValPairs={3}][Info={4}] TPS token configuration parameter(s) change
|
|
|
86bca3 |
+#
|
|
|
86bca3 |
+# Event: CONFIG_TOKEN_PROFILE
|
|
|
86bca3 |
+# Description: This event is used when configuring token profile.
|
|
|
86bca3 |
+# Applicable subsystems: TPS
|
|
|
86bca3 |
+# Enabled by default: No
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID:
|
|
|
86bca3 |
+# - Outcome:
|
|
|
86bca3 |
+# - Service: can be any of the methods offered
|
|
|
86bca3 |
+# - ProfileID:
|
|
|
86bca3 |
+# - ParamNameValPairs: A name-value pair
|
|
|
86bca3 |
+# (where name and value are separated by the delimiter ;;)
|
|
|
86bca3 |
+# separated by + (if more than one name-value pair) of config params changed.
|
|
|
86bca3 |
+# --- secret component (password) MUST NOT be logged ---
|
|
|
86bca3 |
+# - Info: Error info for failed cases.
|
|
|
86bca3 |
+#
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_CONFIG_TOKEN_PROFILE_6=<type=CONFIG_TOKEN_PROFILE>:[AuditEvent=CONFIG_TOKEN_PROFILE][SubjectID={0}][Outcome={1}][Service={2}][ProfileID={3}][ParamNameValPairs={4}][Info={5}] token profile configuration parameter(s) change
|
|
|
86bca3 |
+#
|
|
|
86bca3 |
+# Event: CRL_RETRIEVAL
|
|
|
86bca3 |
+# Description: This event is used when CRLs are retrieved by the OCSP Responder.
|
|
|
86bca3 |
+# Applicable subsystems: OCSP
|
|
|
86bca3 |
+# Enabled by default: No
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID:
|
|
|
86bca3 |
+# - Outcome: "Success" when CRL is retrieved successfully, "Failure" otherwise.
|
|
|
86bca3 |
+# - CRLnum: The CRL number that identifies the CRL.
|
|
|
86bca3 |
+#
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_CRL_RETRIEVAL_3=<type=CRL_RETRIEVAL>:[AuditEvent=CRL_RETRIEVAL][SubjectID={0}][Outcome={1}][CRLnum={2}] CRL retrieval
|
|
|
86bca3 |
+#
|
|
|
86bca3 |
+# Event: CRL_VALIDATION
|
|
|
86bca3 |
+# Description: This event is used when CRL is retrieved and validation process occurs.
|
|
|
86bca3 |
+# Applicable subsystems: OCSP
|
|
|
86bca3 |
+# Enabled by default: No
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID:
|
|
|
86bca3 |
+# - Outcome:
|
|
|
86bca3 |
+#
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_CRL_VALIDATION_2=<type=CRL_VALIDATION>:[AuditEvent=CRL_VALIDATION][SubjectID={0}][Outcome={1}] CRL validation
|
|
|
86bca3 |
+#
|
|
|
86bca3 |
+# Event: DELTA_CRL_PUBLISHING
|
|
|
86bca3 |
+# Description: This event is used when delta CRL publishing is complete.
|
|
|
86bca3 |
+# Applicable subsystems: CA
|
|
|
86bca3 |
+# Enabled by default: No
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID:
|
|
|
86bca3 |
+# - Outcome: "Success" when delta CRL is publishing successfully, "Failure" otherwise.
|
|
|
86bca3 |
+# - CRLnum:
|
|
|
86bca3 |
+# - FailureReason:
|
|
|
86bca3 |
+#
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_DELTA_CRL_PUBLISHING=<type=DELTA_CRL_PUBLISHING>:[AuditEvent=DELTA_CRL_PUBLISHING]{0} Delta CRL publishing
|
|
|
86bca3 |
#
|
|
|
86bca3 |
# Event: DIVERSIFY_KEY_REQUEST
|
|
|
86bca3 |
-# - request for TPS to TKS to do key change over
|
|
|
86bca3 |
+# Description: This event is used when the request for TPS to TKS to do key changeover is received.
|
|
|
86bca3 |
# Applicable subsystems: TKS, TPS
|
|
|
86bca3 |
# Enabled by default: No
|
|
|
86bca3 |
-# SubjectID must be the CUID of the token requesting key change over
|
|
|
86bca3 |
-# AgentID must be the trusted agent id used to make the request
|
|
|
86bca3 |
-# status is 0 for success, non-zero for various errors
|
|
|
86bca3 |
-# oldMasterKeyName is the old master key name
|
|
|
86bca3 |
-# newMasterKeyName is the new master key name
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - Outcome:
|
|
|
86bca3 |
+# - AgentID: The trusted agent ID used to make the request.
|
|
|
86bca3 |
+# - oldMasterKeyName: The old master key name.
|
|
|
86bca3 |
+# - newMasterKeyName: The new master key name.
|
|
|
86bca3 |
#
|
|
|
86bca3 |
## AC: KDF SPEC CHANGE - Need to log both the KDD and CUID, not just the CUID. Renamed to "CUID_encoded" and "KDD_encoded" to reflect fact that encoded parameters are being logged.
|
|
|
86bca3 |
-# CUID_encoded must be the special-encoded CUID of the token establishing the secure channel
|
|
|
86bca3 |
-# KDD_encoded must be the special-encoded KDD of the token establishing the secure channel
|
|
|
86bca3 |
+# - CUID_encoded: The special-encoded CUID of the token establishing the secure channel.
|
|
|
86bca3 |
+# - KDD_encoded: The special-encoded KDD of the token establishing the secure channel.
|
|
|
86bca3 |
#
|
|
|
86bca3 |
LOGGING_SIGNED_AUDIT_DIVERSIFY_KEY_REQUEST_6=<type=DIVERSIFY_KEY_REQUEST>:[AuditEvent=DIVERSIFY_KEY_REQUEST][CUID_encoded={0}][KDD_encoded={1}][Outcome={2}][AgentID={3}][oldMasterKeyName={4}][newMasterKeyName={5}] TKS Key Change Over request
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-# Event: DIVERSIFY_KEY_REQUEST_PROCESSED with [Outcome=Success]
|
|
|
86bca3 |
-# - request for TPS to TKS to do key change over request processed
|
|
|
86bca3 |
+# Event: DIVERSIFY_KEY_REQUEST_PROCESSED with [Outcome=Failure]
|
|
|
86bca3 |
+# Description: This event is when the request for TPS to TKS to do key changeover is processed unsuccessfully.
|
|
|
86bca3 |
# Applicable subsystems: TKS, TPS
|
|
|
86bca3 |
# Enabled by default: No
|
|
|
86bca3 |
-# SubjectID must be the CUID of the token requesting key change over
|
|
|
86bca3 |
-# AgentID must be the trusted agent id used to make the request
|
|
|
86bca3 |
-# Outcome is SUCCESS or FAILURE
|
|
|
86bca3 |
-# status is 0 for success, non-zero for various errors
|
|
|
86bca3 |
-# oldMasterKeyName is the old master key name
|
|
|
86bca3 |
-# newMasterKeyName is the new master key name
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - AgentID: The trusted agent ID used to make the request.
|
|
|
86bca3 |
+# - Outcome: Failure
|
|
|
86bca3 |
+# - status: 0 for success, non-zero for various errors.
|
|
|
86bca3 |
+# - oldMasterKeyName: The old master key name.
|
|
|
86bca3 |
+# - newMasterKeyName: The new master key name.
|
|
|
86bca3 |
+# - Error: The error message.
|
|
|
86bca3 |
#
|
|
|
86bca3 |
## AC: KDF SPEC CHANGE - Need to log both the KDD and CUID, not just the CUID. Renamed to "CUID_decoded" and "KDD_decoded" to reflect fact that decoded parameters are now logged.
|
|
|
86bca3 |
## Also added TKSKeyset, OldKeyInfo_KeyVersion, NewKeyInfo_KeyVersion, NistSP800_108KdfOnKeyVersion, NistSP800_108KdfUseCuidAsKdd
|
|
|
86bca3 |
-# CUID_decoded must be the ASCII-HEX representation of the CUID of the token establishing the secure channel
|
|
|
86bca3 |
-# KDD_decoded must be the ASCII-HEX representation of the KDD of the token establishing the secure channel
|
|
|
86bca3 |
-# TKSKeyset is the name of the TKS keyset being used for this request.
|
|
|
86bca3 |
-# OldKeyInfo_KeyVersion is the old key version number in hex.
|
|
|
86bca3 |
-# NewKeyInfo_KeyVersion is the new key version number in hex.
|
|
|
86bca3 |
-# NistSP800_108KdfOnKeyVersion lists the value of the corresponding setting in hex.
|
|
|
86bca3 |
-# NistSP800_108KdfUseCuidAsKdd lists the value of the corresponding setting in hex.
|
|
|
86bca3 |
+# - CUID_decoded: The ASCII-HEX representation of the CUID of the token establishing the secure channel.
|
|
|
86bca3 |
+# - KDD_decoded: The ASCII-HEX representation of the KDD of the token establishing the secure channel.
|
|
|
86bca3 |
+# - TKSKeyset: The name of the TKS keyset being used for this request.
|
|
|
86bca3 |
+# - OldKeyInfo_KeyVersion: The old key version number in hex.
|
|
|
86bca3 |
+# - NewKeyInfo_KeyVersion: The new key version number in hex.
|
|
|
86bca3 |
+# - NistSP800_108KdfOnKeyVersion: The value of the corresponding setting in hex.
|
|
|
86bca3 |
+# - NistSP800_108KdfUseCuidAsKdd: The value of the corresponding setting in hex.
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_DIVERSIFY_KEY_REQUEST_PROCESSED_SUCCESS=<type=DIVERSIFY_KEY_REQUEST_PROCESSED>:[AuditEvent=DIVERSIFY_KEY_REQUEST_PROCESSED]{0} TKS Key Change Over request processed successfully
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_DIVERSIFY_KEY_REQUEST_PROCESSED_FAILURE=<type=DIVERSIFY_KEY_REQUEST_PROCESSED>:[AuditEvent=DIVERSIFY_KEY_REQUEST_PROCESSED]{0} TKS Key Change Over request failed
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-# Event: DIVERSIFY_KEY_REQUEST_PROCESSED with [Outcome=Failure]
|
|
|
86bca3 |
-# - request for TPS to TKS to do key change over request processed
|
|
|
86bca3 |
+# Event: DIVERSIFY_KEY_REQUEST_PROCESSED with [Outcome=Success]
|
|
|
86bca3 |
+# Description: This event is used when the request for TPS to TKS to do key changeover is processed successfully.
|
|
|
86bca3 |
# Applicable subsystems: TKS, TPS
|
|
|
86bca3 |
# Enabled by default: No
|
|
|
86bca3 |
-# SubjectID must be the CUID of the token requesting key change over
|
|
|
86bca3 |
-# AgentID must be the trusted agent id used to make the request
|
|
|
86bca3 |
-# Outcome is SUCCESS or FAILURE
|
|
|
86bca3 |
-# status is 0 for success, non-zero for various errors
|
|
|
86bca3 |
-# oldMasterKeyName is the old master key name
|
|
|
86bca3 |
-# newMasterKeyName is the new master key name
|
|
|
86bca3 |
-# Error gives the error message
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - AgentID: The trusted agent ID used to make the request.
|
|
|
86bca3 |
+# - Outcome: Success
|
|
|
86bca3 |
+# - status: 0 for success, non-zero for various errors.
|
|
|
86bca3 |
+# - oldMasterKeyName: The old master key name.
|
|
|
86bca3 |
+# - newMasterKeyName: The new master key name.
|
|
|
86bca3 |
#
|
|
|
86bca3 |
## AC: KDF SPEC CHANGE - Need to log both the KDD and CUID, not just the CUID. Renamed to "CUID_decoded" and "KDD_decoded" to reflect fact that decoded parameters are now logged.
|
|
|
86bca3 |
## Also added TKSKeyset, OldKeyInfo_KeyVersion, NewKeyInfo_KeyVersion, NistSP800_108KdfOnKeyVersion, NistSP800_108KdfUseCuidAsKdd
|
|
|
86bca3 |
-# CUID_decoded must be the ASCII-HEX representation of the CUID of the token establishing the secure channel
|
|
|
86bca3 |
-# KDD_decoded must be the ASCII-HEX representation of the KDD of the token establishing the secure channel
|
|
|
86bca3 |
-# TKSKeyset is the name of the TKS keyset being used for this request.
|
|
|
86bca3 |
-# OldKeyInfo_KeyVersion is the old key version number in hex.
|
|
|
86bca3 |
-# NewKeyInfo_KeyVersion is the new key version number in hex.
|
|
|
86bca3 |
-# NistSP800_108KdfOnKeyVersion lists the value of the corresponding setting in hex.
|
|
|
86bca3 |
-# NistSP800_108KdfUseCuidAsKdd lists the value of the corresponding setting in hex
|
|
|
86bca3 |
+# - CUID_decoded: The ASCII-HEX representation of the CUID of the token establishing the secure channel.
|
|
|
86bca3 |
+# - KDD_decoded: The ASCII-HEX representation of the KDD of the token establishing the secure channel.
|
|
|
86bca3 |
+# - TKSKeyset: The name of the TKS keyset being used for this request.
|
|
|
86bca3 |
+# - OldKeyInfo_KeyVersion: The old key version number in hex.
|
|
|
86bca3 |
+# - NewKeyInfo_KeyVersion: The new key version number in hex.
|
|
|
86bca3 |
+# - NistSP800_108KdfOnKeyVersion: The value of the corresponding setting in hex.
|
|
|
86bca3 |
+# - NistSP800_108KdfUseCuidAsKdd: The value of the corresponding setting in hex.
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_DIVERSIFY_KEY_REQUEST_PROCESSED_FAILURE=<type=DIVERSIFY_KEY_REQUEST_PROCESSED>:[AuditEvent=DIVERSIFY_KEY_REQUEST_PROCESSED]{0} TKS Key Change Over request failed
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_DIVERSIFY_KEY_REQUEST_PROCESSED_SUCCESS=<type=DIVERSIFY_KEY_REQUEST_PROCESSED>:[AuditEvent=DIVERSIFY_KEY_REQUEST_PROCESSED]{0} TKS Key Change Over request processed successfully
|
|
|
86bca3 |
#
|
|
|
86bca3 |
# Event: ENCRYPT_DATA_REQUEST
|
|
|
86bca3 |
-# - request from TPS to TKS to encrypt data
|
|
|
86bca3 |
-# (or generate random data and encrypt)
|
|
|
86bca3 |
+# Description: This event is used when the request from TPS to TKS to encrypt data
|
|
|
86bca3 |
+# (or generate random data and encrypt) is received.
|
|
|
86bca3 |
# Applicable subsystems: TKS, TPS
|
|
|
86bca3 |
# Enabled by default: No
|
|
|
86bca3 |
-# SubjectID must be the CUID of the token requesting encrypt data
|
|
|
86bca3 |
-# AgentID must be the trusted agent id used to make the request
|
|
|
86bca3 |
-# status is 0 for success, non-zero for various errors
|
|
|
86bca3 |
-# isRandom tells if the data is randomly generated on TKS
|
|
|
86bca3 |
-#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_ENCRYPT_DATA_REQUEST_4=<type=ENCRYPT_DATA_REQUEST>:[AuditEvent=ENCRYPT_DATA_REQUEST][SubjectID={0}][status={1}][AgentID={2}][isRandom={3}] TKS encrypt data request
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID: The CUID of the token requesting encrypt data.
|
|
|
86bca3 |
+# - AgentID: The trusted agent ID used to make the request.
|
|
|
86bca3 |
+# - status: 0 for success, non-zero for various errors.
|
|
|
86bca3 |
+# - isRandom: tells if the data is randomly generated on TKS
|
|
|
86bca3 |
#
|
|
|
86bca3 |
## AC: KDF SPEC CHANGE - Need to log both the KDD and CUID, not just the CUID. Renamed to "CUID_encoded" and "KDD_encoded" to reflect fact that encoded parameters are being logged.
|
|
|
86bca3 |
-# CUID_encoded must be the special-encoded CUID of the token establishing the secure channel
|
|
|
86bca3 |
-# KDD_encoded must be the special-encoded KDD of the token establishing the secure channel
|
|
|
86bca3 |
+# - CUID_encoded: The special-encoded CUID of the token establishing the secure channel.
|
|
|
86bca3 |
+# - KDD_encoded: The special-encoded KDD of the token establishing the secure channel.
|
|
|
86bca3 |
#
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_ENCRYPT_DATA_REQUEST_4=<type=ENCRYPT_DATA_REQUEST>:[AuditEvent=ENCRYPT_DATA_REQUEST][SubjectID={0}][status={1}][AgentID={2}][isRandom={3}] TKS encrypt data request
|
|
|
86bca3 |
LOGGING_SIGNED_AUDIT_ENCRYPT_DATA_REQUEST_5=<type=ENCRYPT_DATA_REQUEST>:[AuditEvent=ENCRYPT_DATA_REQUEST][CUID_encoded={0}][KDD_encoded={1}][status={2}][AgentID={3}][isRandom={4}] TKS encrypt data request
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-# Event: ENCRYPT_DATA_REQUEST_PROCESSED with [Outcome=Success]
|
|
|
86bca3 |
-# - request from TPS to TKS to encrypt data
|
|
|
86bca3 |
-# (or generate random data and encrypt)
|
|
|
86bca3 |
+# Event: ENCRYPT_DATA_REQUEST_PROCESSED with [Outcome=Failure]
|
|
|
86bca3 |
+# Description: This event is used when the request from TPS to TKS to encrypt data
|
|
|
86bca3 |
+# (or generate random data and encrypt) is processed unsuccessfully.
|
|
|
86bca3 |
# Applicable subsystems: TKS, TPS
|
|
|
86bca3 |
# Enabled by default: No
|
|
|
86bca3 |
-# SubjectID must be the CUID of the token requesting encrypt data
|
|
|
86bca3 |
-# AgentID must be the trusted agent id used to make the request
|
|
|
86bca3 |
-# Outcome is SUCCESS or FAILURE
|
|
|
86bca3 |
-# status is 0 for success, non-zero for various errors
|
|
|
86bca3 |
-# isRandom tells if the data is randomly generated on TKS
|
|
|
86bca3 |
-# SelectedToken is the cryptographic token performing key operations
|
|
|
86bca3 |
-# KeyNickName is the numeric keyset ex: #01#01
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - AgentID: The trusted agent ID used to make the request.
|
|
|
86bca3 |
+# - Outcome: Failure
|
|
|
86bca3 |
+# - status: 0 for success, non-zero for various errors.
|
|
|
86bca3 |
+# - isRandom: tells if the data is randomly generated on TKS
|
|
|
86bca3 |
+# - SelectedToken: The cryptographic token performing key operations.
|
|
|
86bca3 |
+# - KeyNickName: The numeric keyset, e.g. #01#01.
|
|
|
86bca3 |
+# - Error: The error message.
|
|
|
86bca3 |
#
|
|
|
86bca3 |
## AC: KDF SPEC CHANGE - Need to log both the KDD and CUID, not just the CUID. Renamed to "CUID_decoded" and "KDD_decoded" to reflect fact that decoded parameters are now logged.
|
|
|
86bca3 |
## Also added TKSKeyset, KeyInfo_KeyVersion, NistSP800_108KdfOnKeyVersion, NistSP800_108KdfUseCuidAsKdd
|
|
|
86bca3 |
-# CUID_decoded must be the ASCII-HEX representation of the CUID of the token establishing the secure channel
|
|
|
86bca3 |
-# KDD_decoded must be the ASCII-HEX representation of the KDD of the token establishing the secure channel
|
|
|
86bca3 |
-# TKSKeyset is the name of the TKS keyset being used for this request.
|
|
|
86bca3 |
-# KeyInfo_KeyVersion is the key version number requested in hex.
|
|
|
86bca3 |
-# NistSP800_108KdfOnKeyVersion lists the value of the corresponding setting in hex.
|
|
|
86bca3 |
-# NistSP800_108KdfUseCuidAsKdd lists the value of the corresponding setting in hex.
|
|
|
86bca3 |
+# - CUID_decoded: The ASCII-HEX representation of the CUID of the token establishing the secure channel.
|
|
|
86bca3 |
+# - KDD_decoded: The ASCII-HEX representation of the KDD of the token establishing the secure channel.
|
|
|
86bca3 |
+# - TKSKeyset: The name of the TKS keyset being used for this request.
|
|
|
86bca3 |
+# - KeyInfo_KeyVersion: The key version number requested in hex.
|
|
|
86bca3 |
+# - NistSP800_108KdfOnKeyVersion: The value of the corresponding setting in hex.
|
|
|
86bca3 |
+# - NistSP800_108KdfUseCuidAsKdd: The value of the corresponding setting in hex.
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_ENCRYPT_DATA_REQUEST_PROCESSED_SUCCESS=<type=ENCRYPT_DATA_REQUEST_PROCESSED>:[AuditEvent=ENCRYPT_DATA_REQUEST_PROCESSED]{0} TKS encrypt data request processed successfully
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_ENCRYPT_DATA_REQUEST_PROCESSED_FAILURE=<type=ENCRYPT_DATA_REQUEST_PROCESSED>:[AuditEvent=ENCRYPT_DATA_REQUEST_PROCESSED]{0} TKS encrypt data request failed
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-# Event: ENCRYPT_DATA_REQUEST_PROCESSED with [Outcome=Failure]
|
|
|
86bca3 |
-# - request from TPS to TKS to encrypt data
|
|
|
86bca3 |
-# (or generate random data and encrypt)
|
|
|
86bca3 |
+# Event: ENCRYPT_DATA_REQUEST_PROCESSED with [Outcome=Success]
|
|
|
86bca3 |
+# Description: This event is used when the request from TPS to TKS to encrypt data
|
|
|
86bca3 |
+# (or generate random data and encrypt) is processed successfully.
|
|
|
86bca3 |
# Applicable subsystems: TKS, TPS
|
|
|
86bca3 |
# Enabled by default: No
|
|
|
86bca3 |
-# SubjectID must be the CUID of the token requesting encrypt data
|
|
|
86bca3 |
-# AgentID must be the trusted agent id used to make the request
|
|
|
86bca3 |
-# Outocme is SUCCESS or FAILURE
|
|
|
86bca3 |
-# status is 0 for success, non-zero for various errors
|
|
|
86bca3 |
-# isRandom tells if the data is randomly generated on TKS
|
|
|
86bca3 |
-# SelectedToken is the cryptographic token performing key operations
|
|
|
86bca3 |
-# KeyNickName is the numeric keyset ex: #01#01
|
|
|
86bca3 |
-# Error gives the error message
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - AgentID: The trusted agent ID used to make the request.
|
|
|
86bca3 |
+# - Outcome: Success
|
|
|
86bca3 |
+# - status: 0 for success, non-zero for various errors.
|
|
|
86bca3 |
+# - isRandom: tells if the data is randomly generated on TKS
|
|
|
86bca3 |
+# - SelectedToken: The cryptographic token performing key operations.
|
|
|
86bca3 |
+# - KeyNickName: The numeric keyset, e.g. #01#01.
|
|
|
86bca3 |
#
|
|
|
86bca3 |
## AC: KDF SPEC CHANGE - Need to log both the KDD and CUID, not just the CUID. Renamed to "CUID_decoded" and "KDD_decoded" to reflect fact that decoded parameters are now logged.
|
|
|
86bca3 |
## Also added TKSKeyset, KeyInfo_KeyVersion, NistSP800_108KdfOnKeyVersion, NistSP800_108KdfUseCuidAsKdd
|
|
|
86bca3 |
-# CUID_decoded must be the ASCII-HEX representation of the CUID of the token establishing the secure channel
|
|
|
86bca3 |
-# KDD_decoded must be the ASCII-HEX representation of the KDD of the token establishing the secure channel
|
|
|
86bca3 |
-# TKSKeyset is the name of the TKS keyset being used for this request.
|
|
|
86bca3 |
-# KeyInfo_KeyVersion is the key version number requested in hex.
|
|
|
86bca3 |
-# NistSP800_108KdfOnKeyVersion lists the value of the corresponding setting in hex.
|
|
|
86bca3 |
-# NistSP800_108KdfUseCuidAsKdd lists the value of the corresponding setting in hex.
|
|
|
86bca3 |
+# - CUID_decoded: The ASCII-HEX representation of the CUID of the token establishing the secure channel.
|
|
|
86bca3 |
+# - KDD_decoded: The ASCII-HEX representation of the KDD of the token establishing the secure channel.
|
|
|
86bca3 |
+# - TKSKeyset: The name of the TKS keyset being used for this request.
|
|
|
86bca3 |
+# - KeyInfo_KeyVersion: The key version number requested in hex.
|
|
|
86bca3 |
+# - NistSP800_108KdfOnKeyVersion: The value of the corresponding setting in hex.
|
|
|
86bca3 |
+# - NistSP800_108KdfUseCuidAsKdd: The value of the corresponding setting in hex.
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_ENCRYPT_DATA_REQUEST_PROCESSED_FAILURE=<type=ENCRYPT_DATA_REQUEST_PROCESSED>:[AuditEvent=ENCRYPT_DATA_REQUEST_PROCESSED]{0} TKS encrypt data request failed
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_ENCRYPT_DATA_REQUEST_PROCESSED_SUCCESS=<type=ENCRYPT_DATA_REQUEST_PROCESSED>:[AuditEvent=ENCRYPT_DATA_REQUEST_PROCESSED]{0} TKS encrypt data request processed successfully
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-# Event: SECURITY_DOMAIN_UPDATE
|
|
|
86bca3 |
-# - used when updating contents of security domain
|
|
|
86bca3 |
-# (add/remove a subsystem)
|
|
|
86bca3 |
+# Event: FULL_CRL_PUBLISHING
|
|
|
86bca3 |
+# Description: This event is used when full CRL publishing is complete.
|
|
|
86bca3 |
# Applicable subsystems: CA
|
|
|
86bca3 |
-# Enabled by default: Yes
|
|
|
86bca3 |
-# ParamNameValPairs must be a name;;value pair
|
|
|
86bca3 |
-# (where name and value are separated by the delimiter ;;)
|
|
|
86bca3 |
-# separated by + (if more than one name;;value pair) of config params changed
|
|
|
86bca3 |
+# Enabled by default: No
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID:
|
|
|
86bca3 |
+# - Outcome: "Success" when full CRL is publishing successfully, "Failure" otherwise.
|
|
|
86bca3 |
+# - CRLnum:
|
|
|
86bca3 |
+# - FailureReason:
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_SECURITY_DOMAIN_UPDATE_1=<type=SECURITY_DOMAIN_UPDATE>:[AuditEvent=SECURITY_DOMAIN_UPDATE][SubjectID={0}][Outcome={1}][ParamNameValPairs={2}] security domain update
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_FULL_CRL_PUBLISHING=<type=FULL_CRL_PUBLISHING>:[AuditEvent=FULL_CRL_PUBLISHING]{0} Full CRL publishing
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-# Event: CONFIG_SERIAL_NUMBER
|
|
|
86bca3 |
-# - used when configuring serial number ranges
|
|
|
86bca3 |
-# (when requesting a serial number range when cloning, for example)
|
|
|
86bca3 |
-# Applicable subsystems: CA, KRA
|
|
|
86bca3 |
-# Enabled by default: Yes
|
|
|
86bca3 |
-# ParamNameValPairs must be a name;;value pair
|
|
|
86bca3 |
-# (where name and value are separated by the delimiter ;;)
|
|
|
86bca3 |
-# separated by + (if more than one name;;value pair) of config params changed
|
|
|
86bca3 |
+# Event: INTER_BOUNDARY
|
|
|
86bca3 |
+# Description: This event is used when inter-CS boundary data transfer is successful.
|
|
|
86bca3 |
+# This is used when data does not need to be captured.
|
|
|
86bca3 |
+# Applicable subsystems: CA, KRA, OCSP, TKS, TPS
|
|
|
86bca3 |
+# Enabled by default: No
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID:
|
|
|
86bca3 |
+# - Outcome:
|
|
|
86bca3 |
+# - ProtectionMethod: "SSL" or "unknown".
|
|
|
86bca3 |
+# - ReqType: The request type.
|
|
|
86bca3 |
+# - ReqID: The request ID.
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_CONFIG_SERIAL_NUMBER_1=<type=CONFIG_SERIAL_NUMBER>:[AuditEvent=CONFIG_SERIAL_NUMBER][SubjectID={0}][Outcome={1}][ParamNameValPairs={2}] serial number range update
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_INTER_BOUNDARY_SUCCESS_5=<type=INTER_BOUNDARY>:[AuditEvent=INTER_BOUNDARY][SubjectID={0}][Outcome={1}][ProtectionMethod={2}][ReqType={3}][ReqID={4}] inter-CS boundary communication (data exchange) success
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-# Event: SECURITY_DATA_ARCHIVAL_REQUEST_PROCESSED
|
|
|
86bca3 |
-# - used when user security data archive request is processed
|
|
|
86bca3 |
-# this is when DRM receives and processed the request
|
|
|
86bca3 |
+# Event: KEY_RECOVERY_AGENT_LOGIN
|
|
|
86bca3 |
+# Description: This event is used when KRA agents login as recovery agents to approve
|
|
|
86bca3 |
+# key recovery requests.
|
|
|
86bca3 |
# Applicable subsystems: KRA
|
|
|
86bca3 |
-# Enabled by default: Yes
|
|
|
86bca3 |
-# ArchivalRequestID is the requestID provided by the CA through the connector
|
|
|
86bca3 |
-# It is used to track the request through from CA to KRA.
|
|
|
86bca3 |
-# RequestId is the KRA archival request ID
|
|
|
86bca3 |
-# ClientKeyID must be the user supplied client ID associated with
|
|
|
86bca3 |
-# the security data to be archived
|
|
|
86bca3 |
+# Enabled by default: No
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID:
|
|
|
86bca3 |
+# - Outcome:
|
|
|
86bca3 |
+# - RecoveryID: The recovery request ID.
|
|
|
86bca3 |
+# - RecoveryAgent: The recovery agent the KRA agent is
|
|
|
86bca3 |
+# logging in with.
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_SECURITY_DATA_ARCHIVAL_REQUEST_PROCESSED=<type=SECURITY_DATA_ARCHIVAL_REQUEST_PROCESSED>:[AuditEvent=SECURITY_DATA_ARCHIVAL_REQUEST_PROCESSED]{0} security data archival request processed
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_KEY_RECOVERY_AGENT_LOGIN_4=<type=KEY_RECOVERY_AGENT_LOGIN>:[AuditEvent=KEY_RECOVERY_AGENT_LOGIN][SubjectID={0}][Outcome={1}][RecoveryID={2}][RecoveryAgent={3}] key recovery agent login
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-# Event: SECURITY_DATA_ARCHIVAL_REQUEST
|
|
|
86bca3 |
-# - used when security data recovery request is made
|
|
|
86bca3 |
-# Applicable subsystems: CA, KRA
|
|
|
86bca3 |
-# Enabled by default: Yes
|
|
|
86bca3 |
-# ArchivalRequestID is the requestID provided by the CA through the connector
|
|
|
86bca3 |
-# It is used to track the request through from CA to KRA.
|
|
|
86bca3 |
-# RequestId is the KRA archival request ID
|
|
|
86bca3 |
-# ClientKeyID must be the user supplied client ID associated with
|
|
|
86bca3 |
-# the security data to be archived
|
|
|
86bca3 |
+# Event: KEY_RECOVERY_REQUEST
|
|
|
86bca3 |
+# Description: This event is used when key recovery request is made.
|
|
|
86bca3 |
+# Applicable subsystems: CA, OCSP, TKS, TPS, TPS
|
|
|
86bca3 |
+# Enabled by default: No
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID:
|
|
|
86bca3 |
+# - Outcome:
|
|
|
86bca3 |
+# - RecoveryID: The recovery request ID.
|
|
|
86bca3 |
+# - PubKey: The base-64 encoded public key associated with
|
|
|
86bca3 |
+# the private key to be recovered.
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_SECURITY_DATA_ARCHIVAL_REQUEST=<type=SECURITY_DATA_ARCHIVAL_REQUEST>:[AuditEvent=SECURITY_DATA_ARCHIVAL_REQUEST]{0} security data archival request made
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_KEY_RECOVERY_REQUEST_4=<type=KEY_RECOVERY_REQUEST>:[AuditEvent=KEY_RECOVERY_REQUEST][SubjectID={0}][Outcome={1}][RecoveryID={2}][PubKey={3}] key recovery request made
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-# Event: SECURITY_DATA_RECOVERY_REQUEST_PROCESSED
|
|
|
86bca3 |
-# - used when security data recovery request is processed
|
|
|
86bca3 |
+# Event: KEY_STATUS_CHANGE
|
|
|
86bca3 |
+# Description: This event is used when modify key status is executed.
|
|
|
86bca3 |
# Applicable subsystems: KRA
|
|
|
86bca3 |
-# Enabled by default: Yes
|
|
|
86bca3 |
-# RecoveryID must be the recovery request ID
|
|
|
86bca3 |
-# KeyID is the ID of the security data being requested to be recovered
|
|
|
86bca3 |
-# RecoveryAgents are the UIDs of the recovery agents approving this request
|
|
|
86bca3 |
+# Enabled by default: No
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID:
|
|
|
86bca3 |
+# - Outcome:
|
|
|
86bca3 |
+# - KeyID: An existing key ID in the database.
|
|
|
86bca3 |
+# - OldStatus: The old status to change from.
|
|
|
86bca3 |
+# - NewStatus: The new status to change to.
|
|
|
86bca3 |
+# - Info:
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_SECURITY_DATA_RECOVERY_REQUEST_PROCESSED=<type=SECURITY_DATA_RECOVERY_REQUEST_PROCESSED>:[AuditEvent=SECURITY_DATA_RECOVERY_REQUEST_PROCESSED]{0} security data recovery request processed
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_KEY_STATUS_CHANGE=<type=KEY_STATUS_CHANGE>:[AuditEvent=KEY_STATUS_CHANGE]{0} Key Status Change
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-# Event: SECURITY_DATA_RECOVERY_REQUEST
|
|
|
86bca3 |
-# - used when security data recovery request is made
|
|
|
86bca3 |
-# Applicable subsystems: KRA
|
|
|
86bca3 |
-# Enabled by default: Yes
|
|
|
86bca3 |
-# RecoveryID must be the recovery request ID
|
|
|
86bca3 |
-# DataID is the ID of the security data to be recovered
|
|
|
86bca3 |
+# Event: LOG_EXPIRATION_CHANGE (disabled)
|
|
|
86bca3 |
+# Description: This event is used when log expiration time change is attempted.
|
|
|
86bca3 |
+# The ACL should not allow this operation, but make sure it's written after the attempt.
|
|
|
86bca3 |
+# Applicable subsystems: CA, KRA, OCSP, TKS, TPS
|
|
|
86bca3 |
+# Enabled by default: No
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID:
|
|
|
86bca3 |
+# - Outcome:
|
|
|
86bca3 |
+# - LogType: "System", "Transaction", or "SignedAudit".
|
|
|
86bca3 |
+# - ExpirationTime: The amount of time (in seconds) that is
|
|
|
86bca3 |
+# attempted to be changed to.
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_SECURITY_DATA_RECOVERY_REQUEST=<type=SECURITY_DATA_RECOVERY_REQUEST>:[AuditEvent=SECURITY_DATA_RECOVERY_REQUEST]{0} security data recovery request made
|
|
|
86bca3 |
+#LOGGING_SIGNED_AUDIT_LOG_EXPIRATION_CHANGE_4=<type=LOG_EXPIRATION_CHANGE>:[AuditEvent=LOG_EXPIRATION_CHANGE][SubjectID={0}][Outcome={1}][LogType={2}][ExpirationTime={3}] log expiration time change attempt
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-# Event: SECURITY_DATA_RECOVERY_REQUEST_STATE_CHANGE
|
|
|
86bca3 |
-# - used when DRM agents login as recovery agents to change
|
|
|
86bca3 |
-# the state of key recovery requests
|
|
|
86bca3 |
-# Applicable subsystems: KRA
|
|
|
86bca3 |
-# Enabled by default: Yes
|
|
|
86bca3 |
-# RecoveryID must be the recovery request ID
|
|
|
86bca3 |
-# Operation is the operation performed (approve, reject, cancel etc.)
|
|
|
86bca3 |
+# Event: NON_PROFILE_CERT_REQUEST
|
|
|
86bca3 |
+# Description: This event is used when a non-profile certificate request is made (before approval process).
|
|
|
86bca3 |
+# Applicable subsystems: CA, KRA, OCSP, TKS, TPS
|
|
|
86bca3 |
+# Enabled by default: No
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID: The UID of user that triggered this event.
|
|
|
86bca3 |
+# If CMC enrollment requests signed by an agent, SubjectID should
|
|
|
86bca3 |
+# be that of the agent.
|
|
|
86bca3 |
+# - Outcome:
|
|
|
86bca3 |
+# - CertSubject: The certificate subject name of the certificate request.
|
|
|
86bca3 |
+# - ReqID: The certificate request ID.
|
|
|
86bca3 |
+# - ServiceID: The identity of the servlet that submitted the original
|
|
|
86bca3 |
+# request.
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_SECURITY_DATA_RECOVERY_REQUEST_STATE_CHANGE=<type=SECURITY_DATA_RECOVERY_REQUEST_STATE_CHANGE>:[AuditEvent=SECURITY_DATA_RECOVERY_REQUEST_STATE_CHANGE]{0} security data recovery request state change
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_NON_PROFILE_CERT_REQUEST_5=<type=NON_PROFILE_CERT_REQUEST>:[AuditEvent=NON_PROFILE_CERT_REQUEST][SubjectID={0}][Outcome={1}][ReqID={2}][ServiceID={3}][CertSubject={4}] certificate request made without certificate profiles
|
|
|
86bca3 |
+#
|
|
|
86bca3 |
+# Event: OCSP_ADD_CA_REQUEST
|
|
|
86bca3 |
+# Description: This event is used when a CA is attempted to be added to the OCSP Responder.
|
|
|
86bca3 |
+# Applicable subsystems: OCSP
|
|
|
86bca3 |
+# Enabled by default: No
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID:
|
|
|
86bca3 |
+# - Outcome:
|
|
|
86bca3 |
+# - CA: The base-64 encoded PKCS7 certificate (or chain).
|
|
|
86bca3 |
+#
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_OCSP_ADD_CA_REQUEST=<type=OCSP_ADD_CA_REQUEST>:[AuditEvent=OCSP_ADD_CA_REQUEST]{0} request to add a CA for OCSP Responder
|
|
|
86bca3 |
+#
|
|
|
86bca3 |
+# Event: OCSP_REMOVE_CA_REQUEST
|
|
|
86bca3 |
+# Description: This event is used when a CA is attempted to be removed from the OCSP Responder.
|
|
|
86bca3 |
+# Applicable subsystems: OCSP
|
|
|
86bca3 |
+# Enabled by default: No
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID:
|
|
|
86bca3 |
+# - Outcome:
|
|
|
86bca3 |
+# - CASubjectDN: The DN ID of the CA.
|
|
|
86bca3 |
+#
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_OCSP_REMOVE_CA_REQUEST=<type=OCSP_REMOVE_CA_REQUEST>:[AuditEvent=OCSP_REMOVE_CA_REQUEST]{0} request to remove a CA from OCSP Responder
|
|
|
86bca3 |
#
|
|
|
86bca3 |
# Event: SECURITY_DATA_EXPORT_KEY
|
|
|
86bca3 |
-# - used when user attempts to retrieve key after the recovery request
|
|
|
86bca3 |
+# Description: This event is used when user attempts to retrieve key after the recovery request
|
|
|
86bca3 |
# has been approved.
|
|
|
86bca3 |
# Applicable subsystems: KRA
|
|
|
86bca3 |
# Enabled by default: No
|
|
|
86bca3 |
-# RecoveryID must be the recovery request ID
|
|
|
86bca3 |
-# KeyID is the key being retrieved
|
|
|
86bca3 |
-# Info is the failure reason if the export fails.
|
|
|
86bca3 |
-# PubKey is the public key for the private key being retrieved
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID:
|
|
|
86bca3 |
+# - Outcome:
|
|
|
86bca3 |
+# - RecoveryID: The recovery request ID.
|
|
|
86bca3 |
+# - KeyID: The key being retrieved.
|
|
|
86bca3 |
+# - Info: The failure reason if the export fails.
|
|
|
86bca3 |
+# - PubKey: The public key for the private key being retrieved.
|
|
|
86bca3 |
#
|
|
|
86bca3 |
LOGGING_SIGNED_AUDIT_SECURITY_DATA_EXPORT_KEY=<type=SECURITY_DATA_EXPORT_KEY>:[AuditEvent=SECURITY_DATA_EXPORT_KEY]{0} security data retrieval request
|
|
|
86bca3 |
#
|
|
|
86bca3 |
# Event: SECURITY_DATA_INFO
|
|
|
86bca3 |
-# - used when user attempts to get metadata information about a key
|
|
|
86bca3 |
+# Description: This event is used when user attempts to get metadata information about a key.
|
|
|
86bca3 |
# Applicable subsystems: KRA
|
|
|
86bca3 |
# Enabled by default: No
|
|
|
86bca3 |
-# RecoveryID must be the recovery request ID
|
|
|
86bca3 |
-# KeyID is the key being retrieved
|
|
|
86bca3 |
-# Info is the failure reason if the export fails.
|
|
|
86bca3 |
-# PubKey is the public key for the private key being retrieved
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID:
|
|
|
86bca3 |
+# - Outcome:
|
|
|
86bca3 |
+# - KeyID: The key being retrieved.
|
|
|
86bca3 |
+# - ClientKeyId:
|
|
|
86bca3 |
+# - Info: The failure reason if the export fails.
|
|
|
86bca3 |
+# - PubKey: The public key for the private key being retrieved.
|
|
|
86bca3 |
#
|
|
|
86bca3 |
LOGGING_SIGNED_AUDIT_SECURITY_DATA_INFO=<type=SECURITY_DATA_INFO>:[AuditEvent=SECURITY_DATA_INFO]{0} security data info request
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-# Event: KEY_STATUS_CHANGE
|
|
|
86bca3 |
-# - used when modify key status is executed
|
|
|
86bca3 |
-# Applicable subsystems: KRA
|
|
|
86bca3 |
+# Event: TOKEN_AUTH with [Outcome=Failure]
|
|
|
86bca3 |
+# Description: This event is used when authentication failed.
|
|
|
86bca3 |
+# Applicable subsystems: TPS
|
|
|
86bca3 |
# Enabled by default: No
|
|
|
86bca3 |
-# keyID must be an existing key id in the database
|
|
|
86bca3 |
-# oldStatus is the old status to change from
|
|
|
86bca3 |
-# newStatus is the new status to change to
|
|
|
86bca3 |
-#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_KEY_STATUS_CHANGE=<type=KEY_STATUS_CHANGE>:[AuditEvent=KEY_STATUS_CHANGE]{0} Key Status Change
|
|
|
86bca3 |
-#
|
|
|
86bca3 |
-# Event: SYMKEY_GENERATION_REQUEST_PROCESSED
|
|
|
86bca3 |
-# - used when symmetric key generation request is processed
|
|
|
86bca3 |
-# this is when DRM receives and processes the request
|
|
|
86bca3 |
-# Applicable subsystems: KRA
|
|
|
86bca3 |
-# Enabled by default: Yes
|
|
|
86bca3 |
-# Client ID must be the user supplied client ID associated with
|
|
|
86bca3 |
-# the symmetric key to be generated and archived
|
|
|
86bca3 |
-#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_SYMKEY_GEN_REQUEST_PROCESSED=<type=SYMKEY_GENERATION_REQUEST_PROCESSED>:[AuditEvent=SYMKEY_GENERATION_REQUEST_PROCESSED]{0} symkey generation request processed
|
|
|
86bca3 |
-#
|
|
|
86bca3 |
-# Event: SYMKEY_GENERATION_REQUEST
|
|
|
86bca3 |
-# - used when symmetric key generation request is made
|
|
|
86bca3 |
-# Applicable subsystems: KRA
|
|
|
86bca3 |
-# Enabled by default: Yes
|
|
|
86bca3 |
-# ClientKeyID is the ID of the symmetirc key to be generated and archived
|
|
|
86bca3 |
-#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_SYMKEY_GENERATION_REQUEST=<type=SYMKEY_GENERATION_REQUEST>:[AuditEvent=SYMKEY_GENERATION_REQUEST]{0} symkey generation request made
|
|
|
86bca3 |
-#
|
|
|
86bca3 |
-# Event: ASYMKEY_GENERATION_REQUEST
|
|
|
86bca3 |
-# - used when asymmetric key generation request is made
|
|
|
86bca3 |
-# Applicable subsystems: KRA
|
|
|
86bca3 |
-# Enabled by default: Yes
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID:
|
|
|
86bca3 |
+# - Outcome: Failure
|
|
|
86bca3 |
+# (obviously, if authentication failed, you won't have a valid SubjectID, so
|
|
|
86bca3 |
+# in this case, AttemptedID is recorded)
|
|
|
86bca3 |
+# - IP:
|
|
|
86bca3 |
+# - CUID:
|
|
|
86bca3 |
+# - MSN:
|
|
|
86bca3 |
+# - OP:
|
|
|
86bca3 |
+# - tokenType:
|
|
|
86bca3 |
+# - AppletVersion:
|
|
|
86bca3 |
+# - AuthMgr: The authentication manager instance name that did
|
|
|
86bca3 |
+# this authentication.
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_ASYMKEY_GENERATION_REQUEST=<type=ASYMKEY_GENERATION_REQUEST>:[AuditEvent=ASYMKEY_GENERATION_REQUEST]{0} Asymkey generation request made
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_TOKEN_AUTH_FAILURE=<type=TOKEN_AUTH>:[AuditEvent=TOKEN_AUTH]{0} token authentication failure
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-# Event: ASYMKEY_GENERATION_REQUEST_PROCESSED
|
|
|
86bca3 |
-# - used when a request to generate asymmetric keys received by the DRM
|
|
|
86bca3 |
-# is processed.
|
|
|
86bca3 |
-# Applicable subsystems: KRA
|
|
|
86bca3 |
-# Enabled by default: Yes
|
|
|
86bca3 |
+# Event: TOKEN_AUTH with [Outcome=Success]
|
|
|
86bca3 |
+# Description: This event is used when authentication succeeded.
|
|
|
86bca3 |
+# Applicable subsystems: TPS
|
|
|
86bca3 |
+# Enabled by default: No
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID:
|
|
|
86bca3 |
+# - Outcome: Success
|
|
|
86bca3 |
+# - IP:
|
|
|
86bca3 |
+# - CUID:
|
|
|
86bca3 |
+# - MSN:
|
|
|
86bca3 |
+# - OP:
|
|
|
86bca3 |
+# - tokenType:
|
|
|
86bca3 |
+# - AppletVersion:
|
|
|
86bca3 |
+# - AuthMgr: The authentication manager instance name that did
|
|
|
86bca3 |
+# this authentication.
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_ASYMKEY_GEN_REQUEST_PROCESSED=<type=ASYMKEY_GENERATION_REQUEST_PROCESSED>:[AuditEvent=ASYMKEY_GENERATION_REQUEST_PROCESSED]{0} Asymkey generation request processed
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_TOKEN_AUTH_SUCCESS=<type=TOKEN_AUTH>:[AuditEvent=TOKEN_AUTH]{0} token authentication success
|
|
|
86bca3 |
#
|
|
|
86bca3 |
# Event: TOKEN_CERT_ENROLLMENT
|
|
|
86bca3 |
-# - used for TPS when token certificate enrollment request is made
|
|
|
86bca3 |
+# Description: This event is used for TPS when token certificate enrollment request is made.
|
|
|
86bca3 |
# Applicable subsystems: TPS
|
|
|
86bca3 |
# Enabled by default: No
|
|
|
86bca3 |
-# - Info is normally used to store more info in case of failure
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID:
|
|
|
86bca3 |
+# - Outcome:
|
|
|
86bca3 |
+# - IP:
|
|
|
86bca3 |
+# - CUID:
|
|
|
86bca3 |
+# - tokenType:
|
|
|
86bca3 |
+# - KeyVersion:
|
|
|
86bca3 |
+# - Serial:
|
|
|
86bca3 |
+# - CA_ID:
|
|
|
86bca3 |
+# - Info: Info in case of failure.
|
|
|
86bca3 |
#
|
|
|
86bca3 |
LOGGING_SIGNED_AUDIT_TOKEN_CERT_ENROLLMENT_9=<type=TOKEN_CERT_ENROLLMENT>:[AuditEvent=TOKEN_CERT_ENROLLMENT][IP={0}][SubjectID={1}][CUID={2}][Outcome={3}][tokenType={4}][KeyVersion={5}][Serial={6}][CA_ID={7}][Info={8}] token certificate enrollment request made
|
|
|
86bca3 |
#
|
|
|
86bca3 |
# Event: TOKEN_CERT_RENEWAL
|
|
|
86bca3 |
-# - used for TPS when token certificate renewal request is made
|
|
|
86bca3 |
+# Description: This event is used for TPS when token certificate renewal request is made.
|
|
|
86bca3 |
# Applicable subsystems: TPS
|
|
|
86bca3 |
# Enabled by default: No
|
|
|
86bca3 |
-# - Info is normally used to store more info in case of failure
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID:
|
|
|
86bca3 |
+# - Outcome:
|
|
|
86bca3 |
+# - IP:
|
|
|
86bca3 |
+# - CUID:
|
|
|
86bca3 |
+# - tokenType:
|
|
|
86bca3 |
+# - KeyVersion:
|
|
|
86bca3 |
+# - Serial:
|
|
|
86bca3 |
+# - CA_ID:
|
|
|
86bca3 |
+# - Info: Info in case of failure.
|
|
|
86bca3 |
#
|
|
|
86bca3 |
LOGGING_SIGNED_AUDIT_TOKEN_CERT_RENEWAL_9=<type=TOKEN_CERT_RENEWAL>:[AuditEvent=TOKEN_CERT_RENEWAL][IP={0}][SubjectID={1}][CUID={2}][Outcome={3}][tokenType={4}][KeyVersion={5}][Serial={6}][CA_ID={7}][Info={8}] token certificate renewal request made
|
|
|
86bca3 |
#
|
|
|
86bca3 |
# Event: TOKEN_CERT_RETRIEVAL
|
|
|
86bca3 |
-# - used for TPS when token certificate retrieval request is made;
|
|
|
86bca3 |
-# usually used during recovery, along with LOGGING_SIGNED_AUDIT_TOKEN_KEY_RECOVERY
|
|
|
86bca3 |
+# Description: This event is used for TPS when token certificate retrieval request is made;
|
|
|
86bca3 |
+# usually used during recovery, along with TOKEN_KEY_RECOVERY.
|
|
|
86bca3 |
# Applicable subsystems: TPS
|
|
|
86bca3 |
# Enabled by default: No
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID:
|
|
|
86bca3 |
+# - Outcome:
|
|
|
86bca3 |
+# - IP:
|
|
|
86bca3 |
+# - CUID:
|
|
|
86bca3 |
+# - tokenType:
|
|
|
86bca3 |
+# - KeyVersion:
|
|
|
86bca3 |
+# - Serial:
|
|
|
86bca3 |
+# - CA_ID:
|
|
|
86bca3 |
+# - Info:
|
|
|
86bca3 |
#
|
|
|
86bca3 |
LOGGING_SIGNED_AUDIT_TOKEN_CERT_RETRIEVAL_9=<type=TOKEN_CERT_RETRIEVAL>:[AuditEvent=TOKEN_CERT_RETRIEVAL][IP={0}][SubjectID={1}][CUID={2}][Outcome={3}][tokenType={4}][KeyVersion={5}][Serial={6}][CA_ID={7}][Info={8}] token certificate retrieval request made
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-# Event: TOKEN_KEY_RECOVERY
|
|
|
86bca3 |
-# - used for TPS when token certificate key recovery request is made
|
|
|
86bca3 |
-# Applicable subsystems: TPS
|
|
|
86bca3 |
-# Enabled by default: No
|
|
|
86bca3 |
-#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_TOKEN_KEY_RECOVERY_10=<type=TOKEN_KEY_RECOVERY>:[AuditEvent=TOKEN_KEY_RECOVERY][IP={0}][SubjectID={1}][CUID={2}][Outcome={3}][tokenType={4}][KeyVersion={5}][Serial={6}][CA_ID={7}][KRA_ID={8}][Info={9}] token certificate/key recovery request made
|
|
|
86bca3 |
-#
|
|
|
86bca3 |
# Event: TOKEN_CERT_STATUS_CHANGE_REQUEST
|
|
|
86bca3 |
-# - used when a token certificate status change request (e.g. revocation) is made
|
|
|
86bca3 |
+# Description: This event is used when a token certificate status change request (e.g. revocation) is made.
|
|
|
86bca3 |
# Applicable subsystems: TPS
|
|
|
86bca3 |
# Enabled by default: No
|
|
|
86bca3 |
-# CUID must be the last token that the certificate was associated with
|
|
|
86bca3 |
-# CertSerialNum must be the serial number (in decimal) of the certificate to be revoked
|
|
|
86bca3 |
-# RequestType must be "revoke", "on-hold", "off-hold"
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID:
|
|
|
86bca3 |
+# - Outcome:
|
|
|
86bca3 |
+# - IP:
|
|
|
86bca3 |
+# - CUID: The last token that the certificate was associated with.
|
|
|
86bca3 |
+# - tokenType:
|
|
|
86bca3 |
+# - CertSerialNum: The serial number (in decimal) of the certificate to be revoked.
|
|
|
86bca3 |
+# - RequestType: "revoke", "on-hold", "off-hold".
|
|
|
86bca3 |
+# - RevokeReasonNum:
|
|
|
86bca3 |
+# - CA_ID:
|
|
|
86bca3 |
+# - Info:
|
|
|
86bca3 |
#
|
|
|
86bca3 |
LOGGING_SIGNED_AUDIT_TOKEN_CERT_STATUS_CHANGE_REQUEST_10=<type=TOKEN_CERT_STATUS_CHANGE_REQUEST>:[AuditEvent=TOKEN_CERT_STATUS_CHANGE_REQUEST][IP={0}][SubjectID={1}][CUID={2}][Outcome={3}][tokenType={4}][CertSerialNum={5}][RequestType={6}][RevokeReasonNum={7}][CA_ID={8}][Info={9}] token certificate revocation/unrevocation request made
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-# Event: TOKEN_PIN_RESET with [Outcome=Success]
|
|
|
86bca3 |
-# - used when token pin reset request succeeded
|
|
|
86bca3 |
-# Applicable subsystems: TPS
|
|
|
86bca3 |
-# Enabled by default: No
|
|
|
86bca3 |
-#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_TOKEN_PIN_RESET_SUCCESS=<type=TOKEN_PIN_RESET>:[AuditEvent=TOKEN_PIN_RESET]{0} token op pin reset success
|
|
|
86bca3 |
-#
|
|
|
86bca3 |
-# Event: TOKEN_PIN_RESET with [Outcome=Failure]
|
|
|
86bca3 |
-# - used when token pin reset request failed
|
|
|
86bca3 |
-# Applicable subsystems: TPS
|
|
|
86bca3 |
-# Enabled by default: No
|
|
|
86bca3 |
-#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_TOKEN_PIN_RESET_FAILURE=<type=TOKEN_PIN_RESET>:[AuditEvent=TOKEN_PIN_RESET]{0} token op pin reset failure
|
|
|
86bca3 |
-#
|
|
|
86bca3 |
-# Event: TOKEN_OP_REQUEST
|
|
|
86bca3 |
-# - used when token processor op request is made
|
|
|
86bca3 |
+# Event: TOKEN_FORMAT with [Outcome=Failure]
|
|
|
86bca3 |
+# Description: This event is used when token format operation failed.
|
|
|
86bca3 |
# Applicable subsystems: TPS
|
|
|
86bca3 |
# Enabled by default: No
|
|
|
86bca3 |
-# - OP can be "format", "enroll", or "pinReset"
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID:
|
|
|
86bca3 |
+# - Outcome:
|
|
|
86bca3 |
+# - IP:
|
|
|
86bca3 |
+# - CUID:
|
|
|
86bca3 |
+# - MSN:
|
|
|
86bca3 |
+# - tokenType:
|
|
|
86bca3 |
+# - AppletVersion:
|
|
|
86bca3 |
+# - Info:
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_TOKEN_OP_REQUEST_6=<type=TOKEN_OP_REQUEST>:[AuditEvent=TOKEN_OP_REQUEST][IP={0}][CUID={1}][MSN={2}][Outcome={3}][OP={4}][AppletVersion={5}] token processor op request made
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_TOKEN_FORMAT_FAILURE=<type=TOKEN_FORMAT>:[AuditEvent=TOKEN_FORMAT]{0} token op format failure
|
|
|
86bca3 |
#
|
|
|
86bca3 |
# Event: TOKEN_FORMAT with [Outcome=Success]
|
|
|
86bca3 |
-# - used when token format op succeeded
|
|
|
86bca3 |
+# Description: This event is used when token format operation succeeded.
|
|
|
86bca3 |
# Applicable subsystems: TPS
|
|
|
86bca3 |
# Enabled by default: No
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID:
|
|
|
86bca3 |
+# - Outcome:
|
|
|
86bca3 |
+# - IP:
|
|
|
86bca3 |
+# - CUID:
|
|
|
86bca3 |
+# - MSN:
|
|
|
86bca3 |
+# - tokenType:
|
|
|
86bca3 |
+# - AppletVersion:
|
|
|
86bca3 |
+# - KeyVersion:
|
|
|
86bca3 |
#
|
|
|
86bca3 |
LOGGING_SIGNED_AUDIT_TOKEN_FORMAT_SUCCESS=<type=TOKEN_FORMAT>:[AuditEvent=TOKEN_FORMAT]{0} token op format success
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-# Event: TOKEN_FORMAT with [Outcome=Failure]
|
|
|
86bca3 |
-# - used when token format op failed
|
|
|
86bca3 |
-# Applicable subsystems: TPS
|
|
|
86bca3 |
-# Enabled by default: No
|
|
|
86bca3 |
-#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_TOKEN_FORMAT_FAILURE=<type=TOKEN_FORMAT>:[AuditEvent=TOKEN_FORMAT]{0} token op format failure
|
|
|
86bca3 |
-#
|
|
|
86bca3 |
-# Event: TOKEN_APPLET_UPGRADE with [Outcome=Success]
|
|
|
86bca3 |
-# - used when token apple upgrade succeeded
|
|
|
86bca3 |
-# Applicable subsystems: TPS
|
|
|
86bca3 |
-# Enabled by default: Yes
|
|
|
86bca3 |
-#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_TOKEN_APPLET_UPGRADE_SUCCESS=<type=TOKEN_APPLET_UPGRADE>:[AuditEvent=TOKEN_APPLET_UPGRADE]{0} token applet upgrade success
|
|
|
86bca3 |
-#
|
|
|
86bca3 |
-# Event: TOKEN_APPLET_UPGRADE with [Outcome=Failure]
|
|
|
86bca3 |
-# - used when token apple upgrade failed
|
|
|
86bca3 |
-# Applicable subsystems: TPS
|
|
|
86bca3 |
-# Enabled by default: Yes
|
|
|
86bca3 |
-#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_TOKEN_APPLET_UPGRADE_FAILURE=<type=TOKEN_APPLET_UPGRADE>:[AuditEvent=TOKEN_APPLET_UPGRADE]{0} token applet upgrade failure
|
|
|
86bca3 |
-#
|
|
|
86bca3 |
-# Event: TOKEN_KEY_CHANGEOVER_REQUIRED
|
|
|
86bca3 |
-# - used when token key changeover is required
|
|
|
86bca3 |
-# Applicable subsystems: TPS
|
|
|
86bca3 |
-# Enabled by default: Yes
|
|
|
86bca3 |
-#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_TOKEN_KEY_CHANGEOVER_REQUIRED_10=<type=TOKEN_KEY_CHANGEOVER_REQUIRED>:[AuditEvent=TOKEN_KEY_CHANGEOVER_REQUIRED][IP={0}][SubjectID={1}][CUID={2}][MSN={3}][Outcome={4}][tokenType={5}][AppletVersion={6}][oldKeyVersion={7}][newKeyVersion={8}][Info={9}] token key changeover required
|
|
|
86bca3 |
-#
|
|
|
86bca3 |
-# Event: TOKEN_KEY_CHANGEOVER with [Outcome=Success]
|
|
|
86bca3 |
-# - used when token key changeover succeeded
|
|
|
86bca3 |
-# Applicable subsystems: TPS
|
|
|
86bca3 |
-# Enabled by default: Yes
|
|
|
86bca3 |
-# - Info usually is unused for success
|
|
|
86bca3 |
-#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_TOKEN_KEY_CHANGEOVER_SUCCESS=<type=TOKEN_KEY_CHANGEOVER>:[AuditEvent=TOKEN_KEY_CHANGEOVER]{0} token key changeover success
|
|
|
86bca3 |
-#
|
|
|
86bca3 |
-# Event: TOKEN_KEY_CHANGEOVER with [Outcome=Failure]
|
|
|
86bca3 |
-# - used when token key changeover failed
|
|
|
86bca3 |
-# Applicable subsystems: TPS
|
|
|
86bca3 |
-# Enabled by default: Yes
|
|
|
86bca3 |
-# - Info is used for storing more info in case of failure
|
|
|
86bca3 |
-#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_TOKEN_KEY_CHANGEOVER_FAILURE=<type=TOKEN_KEY_CHANGEOVER>:[AuditEvent=TOKEN_KEY_CHANGEOVER]{0} token key changeover failure
|
|
|
86bca3 |
-#
|
|
|
86bca3 |
-# Event: TOKEN_AUTH with [Outcome=Failure]
|
|
|
86bca3 |
-# - used when authentication failed
|
|
|
86bca3 |
+# Event: TOKEN_KEY_RECOVERY
|
|
|
86bca3 |
+# Description: This event is used for TPS when token certificate key recovery request is made.
|
|
|
86bca3 |
# Applicable subsystems: TPS
|
|
|
86bca3 |
# Enabled by default: No
|
|
|
86bca3 |
-# Outcome should always be "failure" in this event
|
|
|
86bca3 |
-# (obviously, if authentication failed, you won't have a valid SubjectID, so
|
|
|
86bca3 |
-# in this case, AttemptedID is recorded)
|
|
|
86bca3 |
-# AuthMgr must be the authentication manager instance name that did
|
|
|
86bca3 |
-# this authentication
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID:
|
|
|
86bca3 |
+# - Outcome:
|
|
|
86bca3 |
+# - IP:
|
|
|
86bca3 |
+# - CUID:
|
|
|
86bca3 |
+# - tokenType:
|
|
|
86bca3 |
+# - KeyVersion:
|
|
|
86bca3 |
+# - Serial:
|
|
|
86bca3 |
+# - CA_ID:
|
|
|
86bca3 |
+# - KRA_ID:
|
|
|
86bca3 |
+# - Info:
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_TOKEN_AUTH_FAILURE=<type=TOKEN_AUTH>:[AuditEvent=TOKEN_AUTH]{0} token authentication failure
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_TOKEN_KEY_RECOVERY_10=<type=TOKEN_KEY_RECOVERY>:[AuditEvent=TOKEN_KEY_RECOVERY][IP={0}][SubjectID={1}][CUID={2}][Outcome={3}][tokenType={4}][KeyVersion={5}][Serial={6}][CA_ID={7}][KRA_ID={8}][Info={9}] token certificate/key recovery request made
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-# Event: TOKEN_AUTH with [Outcome=Success]
|
|
|
86bca3 |
-# - used when authentication succeeded
|
|
|
86bca3 |
+# Event: TOKEN_OP_REQUEST
|
|
|
86bca3 |
+# Description: This event is used when token processor operation request is made.
|
|
|
86bca3 |
# Applicable subsystems: TPS
|
|
|
86bca3 |
# Enabled by default: No
|
|
|
86bca3 |
-# Outcome should always be "success" in this event
|
|
|
86bca3 |
-# AuthMgr must be the authentication manager instance name that did
|
|
|
86bca3 |
-# this authentication
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - IP:
|
|
|
86bca3 |
+# - CUID:
|
|
|
86bca3 |
+# - MSN:
|
|
|
86bca3 |
+# - Outcome:
|
|
|
86bca3 |
+# - OP: "format", "enroll", or "pinReset"
|
|
|
86bca3 |
+# - AppletVersion:
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_TOKEN_AUTH_SUCCESS=<type=TOKEN_AUTH>:[AuditEvent=TOKEN_AUTH]{0} token authentication success
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_TOKEN_OP_REQUEST_6=<type=TOKEN_OP_REQUEST>:[AuditEvent=TOKEN_OP_REQUEST][IP={0}][CUID={1}][MSN={2}][Outcome={3}][OP={4}][AppletVersion={5}] token processor op request made
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-# Event: CONFIG_TOKEN_GENERAL
|
|
|
86bca3 |
-# - used when doing general TPS configuration
|
|
|
86bca3 |
+# Event: TOKEN_PIN_RESET with [Outcome=Failure]
|
|
|
86bca3 |
+# Description: This event is used when token pin reset request failed.
|
|
|
86bca3 |
# Applicable subsystems: TPS
|
|
|
86bca3 |
# Enabled by default: No
|
|
|
86bca3 |
-# ParamNameValPairs must be a name;;value pair
|
|
|
86bca3 |
-# (where name and value are separated by the delimiter ;;)
|
|
|
86bca3 |
-# separated by + (if more than one name;;value pair) of config params changed
|
|
|
86bca3 |
-# --- secret component (password) MUST NOT be logged ---
|
|
|
86bca3 |
-# - info in general is used for caturing error info for failed cases
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - IP:
|
|
|
86bca3 |
+# - SubjectID:
|
|
|
86bca3 |
+# - CUID:
|
|
|
86bca3 |
+# - Outcome:
|
|
|
86bca3 |
+# - tokenType:
|
|
|
86bca3 |
+# - AppletVersion:
|
|
|
86bca3 |
+# - Info:
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_CONFIG_TOKEN_GENERAL_5=<type=CONFIG_TOKEN_GENERAL>:[AuditEvent=CONFIG_TOKEN_GENERAL][SubjectID={0}][Outcome={1}][Service={2}][ParamNameValPairs={3}][Info={4}] TPS token configuration parameter(s) change
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_TOKEN_PIN_RESET_FAILURE=<type=TOKEN_PIN_RESET>:[AuditEvent=TOKEN_PIN_RESET]{0} token op pin reset failure
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-# Event: CONFIG_TOKEN_PROFILE
|
|
|
86bca3 |
-# - used when configuring token profile
|
|
|
86bca3 |
+# Event: TOKEN_PIN_RESET with [Outcome=Success]
|
|
|
86bca3 |
+# Description: This event is used when token pin reset request succeeded.
|
|
|
86bca3 |
# Applicable subsystems: TPS
|
|
|
86bca3 |
# Enabled by default: No
|
|
|
86bca3 |
-# Service can be any of the methods offered
|
|
|
86bca3 |
-# ParamNameValPairs must be a name;;value pair
|
|
|
86bca3 |
-# (where name and value are separated by the delimiter ;;)
|
|
|
86bca3 |
-# separated by + (if more than one name;;value pair) of config params changed
|
|
|
86bca3 |
-# --- secret component (password) MUST NOT be logged ---
|
|
|
86bca3 |
-# - info in general is used for caturing error info for failed cases
|
|
|
86bca3 |
-#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_CONFIG_TOKEN_PROFILE_6=<type=CONFIG_TOKEN_PROFILE>:[AuditEvent=CONFIG_TOKEN_PROFILE][SubjectID={0}][Outcome={1}][Service={2}][ProfileID={3}][ParamNameValPairs={4}][Info={5}] token profile configuration parameter(s) change
|
|
|
86bca3 |
-#
|
|
|
86bca3 |
-# Event: CONFIG_TOKEN_MAPPING_RESOLVER
|
|
|
86bca3 |
-# - used when configuring token mapping resolver
|
|
|
86bca3 |
-# Applicable subsystems: TPS
|
|
|
86bca3 |
-# Enabled by default: Yes
|
|
|
86bca3 |
-# ParamNameValPairs must be a name;;value pair
|
|
|
86bca3 |
-# (where name and value are separated by the delimiter ;;)
|
|
|
86bca3 |
-# separated by + (if more than one name;;value pair) of config params changed
|
|
|
86bca3 |
-# --- secret component (password) MUST NOT be logged ---
|
|
|
86bca3 |
-# - info in general is used for caturing error info for failed cases
|
|
|
86bca3 |
-#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_CONFIG_TOKEN_MAPPING_RESOLVER_6=<type=CONFIG_TOKEN_MAPPING_RESOLVER>:[AuditEvent=CONFIG_TOKEN_MAPPING_RESOLVER][SubjectID={0}][Outcome={1}][Service={2}][MappingResolverID={3}][ParamNameValPairs={4}][Info={5}] token mapping resolver configuration parameter(s) change
|
|
|
86bca3 |
-#
|
|
|
86bca3 |
-# Event: CONFIG_TOKEN_AUTHENTICATOR
|
|
|
86bca3 |
-# - used when configuring token authenticators
|
|
|
86bca3 |
-# Applicable subsystems: TPS
|
|
|
86bca3 |
-# Enabled by default: Yes
|
|
|
86bca3 |
-# Service can be any of the methods offered
|
|
|
86bca3 |
-# ParamNameValPairs must be a name;;value pair
|
|
|
86bca3 |
-# (where name and value are separated by the delimiter ;;)
|
|
|
86bca3 |
-# separated by + (if more than one name;;value pair) of config params changed
|
|
|
86bca3 |
-# --- secret component (password) MUST NOT be logged ---
|
|
|
86bca3 |
-# - info in general is used for caturing error info for failed cases
|
|
|
86bca3 |
-#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_CONFIG_TOKEN_AUTHENTICATOR_6=<type=CONFIG_TOKEN_AUTHENTICATOR>:[AuditEvent=CONFIG_TOKEN_AUTHENTICATOR][SubjectID={0}][Outcome={1}][OP={2}][Authenticator={3}][ParamNameValPairs={4}][Info={5}] token authenticator configuration parameter(s) change
|
|
|
86bca3 |
-#
|
|
|
86bca3 |
-# Event: CONFIG_TOKEN_CONNECTOR
|
|
|
86bca3 |
-# - used when configuring token connectors
|
|
|
86bca3 |
-# Applicable subsystems: TPS
|
|
|
86bca3 |
-# Enabled by default: Yes
|
|
|
86bca3 |
-# Service can be any of the methods offered
|
|
|
86bca3 |
-# ParamNameValPairs must be a name;;value pair
|
|
|
86bca3 |
-# (where name and value are separated by the delimiter ;;)
|
|
|
86bca3 |
-# separated by + (if more than one name;;value pair) of config params changed
|
|
|
86bca3 |
-# --- secret component (password) MUST NOT be logged ---
|
|
|
86bca3 |
-# - info in general is used for caturing error info for failed cases
|
|
|
86bca3 |
-#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_CONFIG_TOKEN_CONNECTOR_6=<type=CONFIG_TOKEN_CONNECTOR>:[AuditEvent=CONFIG_TOKEN_CONNECTOR][SubjectID={0}][Outcome={1}][Service={2}][Connector={3}][ParamNameValPairs={4}][Info={5}] token connector configuration parameter(s) change
|
|
|
86bca3 |
-#
|
|
|
86bca3 |
-# Event: CONFIG_TOKEN_RECORD
|
|
|
86bca3 |
-# - used when information in token record changed
|
|
|
86bca3 |
-# Applicable subsystems: TPS
|
|
|
86bca3 |
-# Enabled by default: Yes
|
|
|
86bca3 |
-# ParamNameValPairs must be a name;;value pair
|
|
|
86bca3 |
-# (where name and value are separated by the delimiter ;;)
|
|
|
86bca3 |
-# separated by + (if more than one name;;value pair) of config params changed
|
|
|
86bca3 |
-# --- secret component (password) MUST NOT be logged ---
|
|
|
86bca3 |
-# - info in general is used for caturing error info for failed cases
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - IP:
|
|
|
86bca3 |
+# - SubjectID:
|
|
|
86bca3 |
+# - CUID:
|
|
|
86bca3 |
+# - Outcome:
|
|
|
86bca3 |
+# - tokenType:
|
|
|
86bca3 |
+# - AppletVersion:
|
|
|
86bca3 |
+# - KeyVersion:
|
|
|
86bca3 |
#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_CONFIG_TOKEN_RECORD_6=<type=CONFIG_TOKEN_RECORD>:[AuditEvent=CONFIG_TOKEN_RECORD][SubjectID={0}][Outcome={1}][OP={2}][TokenID={3}][ParamNameValPairs={4}][Info={5}] token record configuration parameter(s) change
|
|
|
86bca3 |
+LOGGING_SIGNED_AUDIT_TOKEN_PIN_RESET_SUCCESS=<type=TOKEN_PIN_RESET>:[AuditEvent=TOKEN_PIN_RESET]{0} token op pin reset success
|
|
|
86bca3 |
#
|
|
|
86bca3 |
# Event: TOKEN_STATE_CHANGE
|
|
|
86bca3 |
-# - used when token state changed
|
|
|
86bca3 |
+# Description: This event is used when token state changed.
|
|
|
86bca3 |
# Applicable subsystems: TPS
|
|
|
86bca3 |
# Enabled by default: No
|
|
|
86bca3 |
-# ParamNameValPairs must be a name;;value pair
|
|
|
86bca3 |
-# (where name and value are separated by the delimiter ;;)
|
|
|
86bca3 |
-# separated by + (if more than one name;;value pair) of config params changed
|
|
|
86bca3 |
-# --- secret component (password) MUST NOT be logged ---
|
|
|
86bca3 |
-# - info in general is used for caturing error info for failed cases
|
|
|
86bca3 |
+# Fields:
|
|
|
86bca3 |
+# - SubjectID:
|
|
|
86bca3 |
+# - Outcome:
|
|
|
86bca3 |
+# - oldState:
|
|
|
86bca3 |
+# - oldReason:
|
|
|
86bca3 |
+# - newState:
|
|
|
86bca3 |
+# - newReason:
|
|
|
86bca3 |
+# - ParamNameValPairs: A name-value pair
|
|
|
86bca3 |
+# (where name and value are separated by the delimiter ;;)
|
|
|
86bca3 |
+# separated by + (if more than one name-value pair) of config params changed.
|
|
|
86bca3 |
+# --- secret component (password) MUST NOT be logged ---
|
|
|
86bca3 |
+# - Info: Error info for failed cases.
|
|
|
86bca3 |
#
|
|
|
86bca3 |
LOGGING_SIGNED_AUDIT_TOKEN_STATE_CHANGE_8=<type=TOKEN_STATE_CHANGE>:[AuditEvent=TOKEN_STATE_CHANGE][SubjectID={0}][Outcome={1}][oldState={2}][oldReason={3}][newState={4}][newReason={5}][ParamNameValPairs={6}][Info={7}] token state changed
|
|
|
86bca3 |
-#
|
|
|
86bca3 |
-# Event: AUTHORITY_CONFIG
|
|
|
86bca3 |
-# - used when configuring lightweight authorities
|
|
|
86bca3 |
-# Applicable subsystems: CA
|
|
|
86bca3 |
-# Enabled by default: Yes
|
|
|
86bca3 |
-# ParamNameValPairs must be a name;;value pair
|
|
|
86bca3 |
-# (where name and value are separated by the delimiter ;;)
|
|
|
86bca3 |
-# separated by + (if more than one name;;value pair) of config params changed
|
|
|
86bca3 |
-#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_AUTHORITY_CONFIG_3=<type=AUTHORITY_CONFIG>:[AuditEvent=AUTHORITY_CONFIG][SubjectID={0}][Outcome={1}][ParamNameValPairs={2}] lightweight authority configuration change
|
|
|
86bca3 |
-#
|
|
|
86bca3 |
-# Event: ACCESS_SESSION_ESTABLISH with [Outcome=Failure]
|
|
|
86bca3 |
-# - used when access session failed to establish
|
|
|
86bca3 |
-# Applicable subsystems: CA, KRA, OCSP, TKS, TPS
|
|
|
86bca3 |
-# Enabled by default: Yes
|
|
|
86bca3 |
-# ParamNameValPairs must be a name;;value pair
|
|
|
86bca3 |
-# (where name and value are separated by the delimiter ;;)
|
|
|
86bca3 |
-# separated by + (if more than one name;;value pair) of config params changed
|
|
|
86bca3 |
-#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_ACCESS_SESSION_ESTABLISH_FAILURE=\
|
|
|
86bca3 |
-<type=ACCESS_SESSION_ESTABLISH>:[AuditEvent=ACCESS_SESSION_ESTABLISH]{0} access session establish failure
|
|
|
86bca3 |
-#
|
|
|
86bca3 |
-# Event: ACCESS_SESSION_ESTABLISH with [Outcome=Success]
|
|
|
86bca3 |
-# - used when access session was established successfully
|
|
|
86bca3 |
-# Applicable subsystems: CA, KRA, OCSP, TKS, TPS
|
|
|
86bca3 |
-# Enabled by default: Yes
|
|
|
86bca3 |
-# ParamNameValPairs must be a name;;value pair
|
|
|
86bca3 |
-# (where name and value are separated by the delimiter ;;)
|
|
|
86bca3 |
-# separated by + (if more than one name;;value pair) of config params changed
|
|
|
86bca3 |
-#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_ACCESS_SESSION_ESTABLISH_SUCCESS=\
|
|
|
86bca3 |
-<type=ACCESS_SESSION_ESTABLISH>:[AuditEvent=ACCESS_SESSION_ESTABLISH]{0} access session establish success
|
|
|
86bca3 |
-#
|
|
|
86bca3 |
-# Event: ACCESS_SESSION_TERMINATED
|
|
|
86bca3 |
-# - used when access session was terminated
|
|
|
86bca3 |
-# Applicable subsystems: CA, KRA, OCSP, TKS, TPS
|
|
|
86bca3 |
-# Enabled by default: Yes
|
|
|
86bca3 |
-# ParamNameValPairs must be a name;;value pair
|
|
|
86bca3 |
-# (where name and value are separated by the delimiter ;;)
|
|
|
86bca3 |
-# separated by + (if more than one name;;value pair) of config params changed
|
|
|
86bca3 |
-#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_ACCESS_SESSION_TERMINATED=\
|
|
|
86bca3 |
-<type=ACCESS_SESSION_TERMINATED>:[AuditEvent=ACCESS_SESSION_TERMINATED]{0} access session terminated
|
|
|
86bca3 |
-#
|
|
|
86bca3 |
-# Event: CLIENT_ACCESS_SESSION_ESTABLISH with [Outcome=Failure]
|
|
|
86bca3 |
-# access session failed to establish when Certificate System acts as client
|
|
|
86bca3 |
-# Applicable subsystems: CA, KRA, OCSP, TKS, TPS
|
|
|
86bca3 |
-# Enabled by default: Yes
|
|
|
86bca3 |
-#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_CLIENT_ACCESS_SESSION_ESTABLISH_FAILURE=\
|
|
|
86bca3 |
-<type=CLIENT_ACCESS_SESSION_ESTABLISH>:[AuditEvent=CLIENT_ACCESS_SESSION_ESTABLISH]{0} access session failed to establish when Certificate System acts as client
|
|
|
86bca3 |
-#
|
|
|
86bca3 |
-# Event: CLIENT_ACCESS_SESSION_ESTABLISH with [Outcome=Success]
|
|
|
86bca3 |
-# - used when access session was established successfully when
|
|
|
86bca3 |
-# Certificate System acts as client
|
|
|
86bca3 |
-# Applicable subsystems: CA, KRA, OCSP, TKS, TPS
|
|
|
86bca3 |
-# Enabled by default: Yes
|
|
|
86bca3 |
-#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_CLIENT_ACCESS_SESSION_ESTABLISH_SUCCESS=\
|
|
|
86bca3 |
-<type=CLIENT_ACCESS_SESSION_ESTABLISH>:[AuditEvent=CLIENT_ACCESS_SESSION_ESTABLISH]{0} access session establish successfully when Certificate System acts as client
|
|
|
86bca3 |
-#
|
|
|
86bca3 |
-# Event: CLIENT_ACCESS_SESSION_TERMINATED
|
|
|
86bca3 |
-# - used when access session was terminated when Certificate System acts as client
|
|
|
86bca3 |
-# Applicable subsystems: CA, KRA, OCSP, TKS, TPS
|
|
|
86bca3 |
-# Enabled by default: Yes
|
|
|
86bca3 |
-#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_CLIENT_ACCESS_SESSION_TERMINATED=\
|
|
|
86bca3 |
-<type=CLIENT_ACCESS_SESSION_TERMINATED>:[AuditEvent=CLIENT_ACCESS_SESSION_TERMINATED]{0} access session terminated when Certificate System acts as client
|
|
|
86bca3 |
-#
|
|
|
86bca3 |
-#########################################################################
|
|
|
86bca3 |
-# Unselectable Signed Audit Events
|
|
|
86bca3 |
-#
|
|
|
86bca3 |
-# Event: AUDIT_LOG_SIGNING
|
|
|
86bca3 |
-# - used when a signature on the audit log is generated (same as "flush" time)
|
|
|
86bca3 |
-# Applicable subsystems: CA, KRA, OCSP, TKS, TPS
|
|
|
86bca3 |
-# Enabled by default: Yes
|
|
|
86bca3 |
-# SubjectID is predefined to be "$System$" because this operation
|
|
|
86bca3 |
-# associates with no user
|
|
|
86bca3 |
-# sig must be the base-64 encoded signature of the buffer just flushed
|
|
|
86bca3 |
-#
|
|
|
86bca3 |
-LOGGING_SIGNED_AUDIT_AUDIT_LOG_SIGNING_3=[AuditEvent=AUDIT_LOG_SIGNING][SubjectID={0}][Outcome={1}] signature of audit buffer just flushed: sig: {2}
|
|
|
86bca3 |
diff --git a/base/tks/shared/conf/CS.cfg b/base/tks/shared/conf/CS.cfg
|
|
|
86bca3 |
index 2face58..9227c27 100644
|
|
|
86bca3 |
--- a/base/tks/shared/conf/CS.cfg
|
|
|
86bca3 |
+++ b/base/tks/shared/conf/CS.cfg
|
|
|
86bca3 |
@@ -214,7 +214,7 @@ log.instance.SignedAudit._007=## $ pki-server tks-audit-event-enable/disable
|
|
|
86bca3 |
log.instance.SignedAudit._008=##
|
|
|
86bca3 |
log.instance.SignedAudit.bufferSize=512
|
|
|
86bca3 |
log.instance.SignedAudit.enable=true
|
|
|
86bca3 |
-log.instance.SignedAudit.events=ACCESS_SESSION_ESTABLISH,ACCESS_SESSION_TERMINATED,AUDIT_LOG_SHUTDOWN,AUDIT_LOG_SIGNING,AUDIT_LOG_STARTUP,AUTH,AUTHZ,CLIENT_ACCESS_SESSION_ESTABLISH,CLIENT_ACCESS_SESSION_TERMINATED,CONFIG_ACL,CONFIG_AUTH,CONFIG_ENCRYPTION,CONFIG_ROLE,CONFIG_SIGNED_AUDIT,CONFIG_TRUSTED_PUBLIC_KEY,KEY_GEN_ASYMMETRIC,LOG_PATH_CHANGE,RANDOM_GENERATION,ROLE_ASSUME,SELFTESTS_EXECUTION,SERVER_SIDE_KEYGEN_REQUEST,SERVER_SIDE_KEYGEN_REQUEST_PROCESSED
|
|
|
86bca3 |
+log.instance.SignedAudit.events=ACCESS_SESSION_ESTABLISH,ACCESS_SESSION_TERMINATED,AUDIT_LOG_SIGNING,AUDIT_LOG_STARTUP,AUTH,AUTHZ,CLIENT_ACCESS_SESSION_ESTABLISH,CLIENT_ACCESS_SESSION_TERMINATED,CONFIG_ACL,CONFIG_AUTH,CONFIG_ENCRYPTION,CONFIG_ROLE,CONFIG_SIGNED_AUDIT,CONFIG_TRUSTED_PUBLIC_KEY,KEY_GEN_ASYMMETRIC,LOG_PATH_CHANGE,RANDOM_GENERATION,ROLE_ASSUME,SCHEDULE_CRL_GENERATION,SELFTESTS_EXECUTION,SERVER_SIDE_KEYGEN_REQUEST,SERVER_SIDE_KEYGEN_REQUEST_PROCESSED
|
|
|
86bca3 |
log.instance.SignedAudit.filters.RANDOM_GENERATION=(Outcome=Failure)
|
|
|
86bca3 |
log.instance.SignedAudit.expirationTime=0
|
|
|
86bca3 |
log.instance.SignedAudit.fileName=[PKI_INSTANCE_PATH]/logs/[PKI_SUBSYSTEM_TYPE]/signedAudit/tks_cert-tks_audit
|
|
|
86bca3 |
diff --git a/base/tps-client/doc/CS.cfg b/base/tps-client/doc/CS.cfg
|
|
|
86bca3 |
index a528763..ba700f4 100644
|
|
|
86bca3 |
--- a/base/tps-client/doc/CS.cfg
|
|
|
86bca3 |
+++ b/base/tps-client/doc/CS.cfg
|
|
|
86bca3 |
@@ -104,7 +104,7 @@ logging.audit.logSigning=false
|
|
|
86bca3 |
logging.audit.signedAuditCertNickname=auditSigningCert cert-[PKI_INSTANCE_NAME]
|
|
|
86bca3 |
logging.audit.selected.events=AUTHZ,AUTH,ROLE_ASSUME,ENROLLMENT,PIN_RESET,FORMAT,CONFIG,CONFIG_ROLE,CONFIG_TOKEN,CONFIG_PROFILE,CONFIG_AUDIT,APPLET_UPGRADE,KEY_CHANGEOVER,RENEWAL,CIMC_CERT_VERIFICATION
|
|
|
86bca3 |
logging.audit.selectable.events=AUTHZ,AUTH,ROLE_ASSUME,ENROLLMENT,PIN_RESET,FORMAT,CONFIG,CONFIG_ROLE,CONFIG_TOKEN,CONFIG_PROFILE,CONFIG_AUDIT,APPLET_UPGRADE,KEY_CHANGEOVER,RENEWAL,CIMC_CERT_VERIFICATION
|
|
|
86bca3 |
-logging.audit.nonselectable.events=AUDIT_LOG_STARTUP,AUDIT_LOG_SHUTDOWN,AUDIT_LOG_SIGNING
|
|
|
86bca3 |
+logging.audit.nonselectable.events=AUDIT_LOG_STARTUP,AUDIT_LOG_SIGNING
|
|
|
86bca3 |
logging.audit.buffer.size=512
|
|
|
86bca3 |
logging.audit.flush.interval=5
|
|
|
86bca3 |
logging.audit.file.type=RollingLogFile
|
|
|
86bca3 |
@@ -1547,7 +1547,7 @@ tokendb.confirmConfigChangesTemplate=confirmConfigChanges.template
|
|
|
86bca3 |
tokendb.confirmDeleteConfigTemplate=confirmDeleteConfig.template
|
|
|
86bca3 |
log.instance.SignedAudit.selected.events=ROLE_ASSUME,CONFIG_CERT_POLICY,CONFIG_CERT_PROFILE,CONFIG_CRL_PROFILE,CONFIG_OCSP_PROFILE,CONFIG_AUTH,CONFIG_ROLE,CONFIG_ACL,CONFIG_SIGNED_AUDIT,CONFIG_ENCRYPTION,CONFIG_TRUSTED_PUBLIC_KEY,CONFIG_DRM,SELFTESTS_EXECUTION,AUDIT_LOG_DELETE,LOG_PATH_CHANGE,LOG_EXPIRATION_CHANGE,CONFIG,CONFIG_ROLE,CONFIG_TOKEN,CONFIG_PROFILE,CONFIG_AUDIT,APPLET_UPGRADE,KEY_CHANGEOVER,RENEWAL
|
|
|
86bca3 |
log.instance.SignedAudit.selectable.events=ROLE_ASSUME,CONFIG_CERT_POLICY,CONFIG_CERT_PROFILE,CONFIG_CRL_PROFILE,CONFIG_OCSP_PROFILE,CONFIG_AUTH,CONFIG_ROLE,CONFIG_ACL,CONFIG_SIGNED_AUDIT,CONFIG_ENCRYPTION,CONFIG_TRUSTED_PUBLIC_KEY,CONFIG_DRM,SELFTESTS_EXECUTION,AUDIT_LOG_DELETE,LOG_PATH_CHANGE,LOG_EXPIRATION_CHANGE,PRIVATE_KEY_ARCHIVE,PRIVATE_KEY_ARCHIVE_PROCESSED,KEY_RECOVERY_REQUEST,KEY_RECOVERY_AGENT_LOGIN,KEY_RECOVERY_PROCESSED,KEY_GEN_ASYMMETRIC,NON_PROFILE_CERT_REQUEST,CONFIG,CONFIG_ROLE,CONFIG_TOKEN,CONFIG_PROFILE,CONFIG_AUDIT,APPLET_UPGRADE,KEY_CHANGEOVER,RENEWAL
|
|
|
86bca3 |
-log.instance.SignedAudit.nonselectable.events=AUDIT_LOG_STARTUP,AUDIT_LOG_SHUTDOWN,CERT_REQUEST_PROCESSED,CERT_STATUS_CHANGE_REQUEST,CERT_STATUS_CHANGE_REQUEST_PROCESSED,AUTHZ,INTER_BOUNDARY,AUTH,CERT_PROFILE_APPROVAL,PROOF_OF_POSSESSION,CRL_RETRIEVAL,CRL_VALIDATION,CMC_SIGNED_REQUEST_SIG_VERIFY,SERVER_SIDE_KEYGEN_PROCESSED,SERVER_SIDE_KEYGEN_REQUEST
|
|
|
86bca3 |
+log.instance.SignedAudit.nonselectable.events=AUDIT_LOG_STARTUP,CERT_REQUEST_PROCESSED,CERT_STATUS_CHANGE_REQUEST,CERT_STATUS_CHANGE_REQUEST_PROCESSED,AUTHZ,INTER_BOUNDARY,AUTH,CERT_PROFILE_APPROVAL,PROOF_OF_POSSESSION,CRL_RETRIEVAL,CRL_VALIDATION,CMC_SIGNED_REQUEST_SIG_VERIFY,SERVER_SIDE_KEYGEN_PROCESSED,SERVER_SIDE_KEYGEN_REQUEST
|
|
|
86bca3 |
tokendb.allowedTransitions=0:1,0:2,0:3,0:6,3:2,3:6,4:1,4:2,4:3,4:6,6:7
|
|
|
86bca3 |
target._000=#########################################
|
|
|
86bca3 |
target._001=# entries to enable configuration of parameter sets through the TPS UI agent and admin tabs
|
|
|
86bca3 |
diff --git a/base/tps/shared/conf/CS.cfg b/base/tps/shared/conf/CS.cfg
|
|
|
86bca3 |
index 610683a..ec92bfa 100644
|
|
|
86bca3 |
--- a/base/tps/shared/conf/CS.cfg
|
|
|
86bca3 |
+++ b/base/tps/shared/conf/CS.cfg
|
|
|
86bca3 |
@@ -231,11 +231,11 @@ log.instance.SignedAudit._007=## $ pki-server tps-audit-event-enable/disable
|
|
|
86bca3 |
log.instance.SignedAudit._008=##
|
|
|
86bca3 |
log.instance.SignedAudit.bufferSize=512
|
|
|
86bca3 |
log.instance.SignedAudit.enable=true
|
|
|
86bca3 |
-log.instance.SignedAudit.events=ACCESS_SESSION_ESTABLISH,ACCESS_SESSION_TERMINATED,AUDIT_LOG_SHUTDOWN,AUDIT_LOG_SIGNING,AUDIT_LOG_STARTUP,AUTH,AUTHZ,CLIENT_ACCESS_SESSION_ESTABLISH,CLIENT_ACCESS_SESSION_TERMINATED,CONFIG_ACL,CONFIG_AUTH,CONFIG_ENCRYPTION,CONFIG_ROLE,CONFIG_SIGNED_AUDIT,CONFIG_TOKEN_AUTHENTICATOR,CONFIG_TOKEN_CONNECTOR,CONFIG_TOKEN_MAPPING_RESOLVER,CONFIG_TOKEN_RECORD,CONFIG_TRUSTED_PUBLIC_KEY,KEY_GEN_ASYMMETRIC,LOG_PATH_CHANGE,RANDOM_GENERATION,ROLE_ASSUME,SELFTESTS_EXECUTION,SERVER_SIDE_KEYGEN_REQUEST,SERVER_SIDE_KEYGEN_REQUEST_PROCESSED,TOKEN_APPLET_UPGRADE,TOKEN_KEY_CHANGEOVER,TOKEN_KEY_CHANGEOVER_REQUIRED
|
|
|
86bca3 |
+log.instance.SignedAudit.events=ACCESS_SESSION_ESTABLISH,ACCESS_SESSION_TERMINATED,AUDIT_LOG_SIGNING,AUDIT_LOG_STARTUP,AUTH,AUTHZ,CLIENT_ACCESS_SESSION_ESTABLISH,CLIENT_ACCESS_SESSION_TERMINATED,CONFIG_ACL,CONFIG_AUTH,CONFIG_ENCRYPTION,CONFIG_ROLE,CONFIG_SIGNED_AUDIT,CONFIG_TOKEN_AUTHENTICATOR,CONFIG_TOKEN_CONNECTOR,CONFIG_TOKEN_MAPPING_RESOLVER,CONFIG_TOKEN_RECORD,CONFIG_TRUSTED_PUBLIC_KEY,KEY_GEN_ASYMMETRIC,LOG_PATH_CHANGE,RANDOM_GENERATION,ROLE_ASSUME,SCHEDULE_CRL_GENERATION,SELFTESTS_EXECUTION,SERVER_SIDE_KEYGEN_REQUEST,SERVER_SIDE_KEYGEN_REQUEST_PROCESSED,TOKEN_APPLET_UPGRADE,TOKEN_KEY_CHANGEOVER,TOKEN_KEY_CHANGEOVER_REQUIRED
|
|
|
86bca3 |
log.instance.SignedAudit.filters.RANDOM_GENERATION=(Outcome=Failure)
|
|
|
86bca3 |
log.instance.SignedAudit.filters.TOKEN_APPLET_UPGRADE=(Outcome=Failure)
|
|
|
86bca3 |
log.instance.SignedAudit.filters.TOKEN_KEY_CHANGEOVER=(Outcome=Failure)
|
|
|
86bca3 |
-log.instance.SignedAudit.mandatory.events=AUDIT_LOG_SHUTDOWN,AUDIT_LOG_SIGNING,AUDIT_LOG_STARTUP
|
|
|
86bca3 |
+log.instance.SignedAudit.mandatory.events=AUDIT_LOG_SIGNING,AUDIT_LOG_STARTUP
|
|
|
86bca3 |
log.instance.SignedAudit.expirationTime=0
|
|
|
86bca3 |
log.instance.SignedAudit.fileName=[PKI_INSTANCE_PATH]/logs/[PKI_SUBSYSTEM_TYPE]/signedAudit/tps_cert-tps_audit
|
|
|
86bca3 |
log.instance.SignedAudit.flushInterval=5
|