Skip to content

SECURITY_DATA_ARCHIVAL_REQUEST_PROCESSED Audit Event

Endi S. Dewata edited this page May 31, 2023 · 3 revisions

Overview

Properties:

  • SubjectID: UID of agent that initiated the request.

  • Outcome: Success or Failure.

  • ArchivalRequestID: The identifier used to track the audit logs. In the case of the CA-KRA connector, this is the certificate request ID in the CA. For requests coming from the REST API, this is not currently set.

  • RequestId: ID for the archival request created in the KRA (could be ephemeral)

  • ClientKeyID: The client key ID that was passed in by the client to identify the secret.

  • KeyID: Key record that was created for the archival.

  • FailureReason: Reason for failure (or None if success).

  • PubKey: Public key associated with the archival. This is only relevant when archiving a private key, and will only be set when the key is archived through the CA connector.

Examples

Use the PKI CLI to archive a passphrase:

$ pki -n caadmin kra-key-archive --clientKeyID "my_pass4" --passphrase "goodbye cruel world!"

The server will generate the following events:

[AuditEvent=SECURITY_DATA_ARCHIVAL_REQUEST_PROCESSED][SubjectID=kraadmin][Outcom
e=Success][ArchivalRequestID=null][RequestId=1495][ClientKeyID=my_pass4][KeyID=1
62][FailureReason=None][PubKey=null] security data archival request processed
Clone this wiki locally