Skip to content

CONFIG_SIGNED_AUDIT Audit Event

Endi S. Dewata edited this page May 31, 2023 · 6 revisions

Overview

The CONFIG_SIGNED_AUDIT audit event is generated when configuring signed audit logging in any PKI subsystem.

  • ParamNameValPairs must be a name;;value pair (where name and value are separated by the delimiter ;;) separated by + (if more than one name;;value pair) of config params changed

Examples

Using PKI CLI

Use PKI CLI to disable audit:

$ pki -n caadmin ca-audit-mod --action disable

The server will generate the following events:

[AuditEvent=CONFIG_SIGNED_AUDIT][SubjectID=caadmin][Outcome=Success][ParamNameVa
lPairs=+Action;;disable] signed audit configuration parameter(s) change

Using PKI Console

Use PKI Console to modify signed audit configuration:

  • Go to ConfigurationLogLog Event Listener Management.

  • Select SignedAudit.

  • Click Edit/View.

  • Make some changes.

  • Click OK.

The server will generate the following events:

[AuditEvent=CONFIG_SIGNED_AUDIT][SubjectID=caadmin][Outcome=Success][ParamNameVa
lPairs=Scope;;logRule+Operation;;OP_MODIFY+Resource;;SignedAudit+level;;Informat
ion+rolloverInterval;;Monthly+flushInterval;;10+mandatory.events;;<null>+bufferS
ize;;512+maxFileSize;;2000+fileName;;/var/lib/pki/pki-tomcat/logs/ca/signedAudit
/ca_audit+enable;;true+signedAuditCertNickname;;<null>+implName;;file+type;;sign
edAudit+logSigning;;false+events;;ACCESS_SESSION_ESTABLISH,ACCESS_SESSION_TERMIN
ATED,AUDIT_LOG_SIGNING,AUDIT_LOG_STARTUP,AUTH,AUTHORITY_CONFIG,AUTHZ,CERT_PROFIL
E_APPROVAL,CERT_REQUEST_PROCESSED,CERT_SIGNING_INFO,CERT_STATUS_CHANGE_REQUEST,C
ERT_STATUS_CHANGE_REQUEST_PROCESSED,CLIENT_ACCESS_SESSION_ESTABLISH,CLIENT_ACCES
S_SESSION_TERMINATED,CMC_REQUEST_RECEIVED,CMC_RESPONSE_SENT,CMC_SIGNED_REQUEST_S
IG_VERIFY,CMC_USER_SIGNED_REQUEST_SIG_VERIFY,CONFIG_ACL,CONFIG_AUTH,CONFIG_CERT_
PROFILE,CONFIG_CRL_PROFILE,CONFIG_ENCRYPTION,CONFIG_ROLE,CONFIG_SERIAL_NUMBER,CO
NFIG_SIGNED_AUDIT,CONFIG_TRUSTED_PUBLIC_KEY,CRL_SIGNING_INFO,DELTA_CRL_GENERATIO
N,FULL_CRL_GENERATION,KEY_GEN_ASYMMETRIC,LOG_PATH_CHANGE,OCSP_GENERATION,OCSP_SI
GNING_INFO,PROFILE_CERT_REQUEST,PROOF_OF_POSSESSION,RANDOM_GENERATION,ROLE_ASSUM
E,SCHEDULE_CRL_GENERATION,SECURITY_DOMAIN_UPDATE,SELFTESTS_EXECUTION,SERVER_SIDE
_KEYGEN_REQUEST,SERVER_SIDE_KEYGEN_REQUEST_PROCESSED] signed audit configuration
 parameter(s) change
Clone this wiki locally