Deleting A Log Module; Signed Audit Log - Red Hat CERTIFICATE SYSTEM 7.1 - ADMINISTRATOR Administrator's Manual
Hide thumbs
Also See for CERTIFICATE SYSTEM 7.1 - ADMINISTRATOR:
Table of Contents
Advertisement
Signed Audit Log
Deleting a Log Module
You can delete unwanted log plug-in modules using the CS console. Before deleting a
module, be sure to delete all the listeners that are based on this module; see "Log File
Rotation" on page 260.
To delete a module:
Log in to the CS console (see "Logging Into the CS Console" on page 239).
1.
Select the Configuration tab.
2.
In the navigation tree, select Logs, and then in the right pane, select the Log Event
3.
Listener Plug-in Registration tab.
In the Plug-in Name list, select the module you want to delete and click Delete.
4.
When prompted, confirm the delete action.
5.
Signed Audit Log
The signed audit log is a feature that creates a log recording system events; the events that
are recorded are selectable from a list of events. This feature, when enabled, records all
system events and produces a verbose set of messages about this activity; be careful when
using this feature to provide enough space in your file system for this log. The signed audit
log feature is disabled by default.
You can also set this audit log up as a signed audit log. You enable this by setting the
logSigning
used to sign this log.
When this log is setup as a signed audit log, only a user with auditor privileges can access
and view the log. Auditors can use the
have not been tampered with.
When you first set the server up, if you have not created a dedicated certificate for log
signing, but you want to turn on the auditing feature anyway, you can use the singing
certificate for that subsystem to sign the logs. To do this, specify
cert-<CS instance name>
for a Certificate Manager, specify the appropriate signing certificate for other subsystems.
You can also configure which events are recorded in the log by adding or deleting the event
type form the value of the events parameter. Table 8-3 lists the events that are loggable
events. To add an event, add the logging event to the list; to delete an event, remove it from
the list. Log events are separated by commas with no spaces.
268
Red Hat Certificate System Administrator's Guide • September 2005
parameter to enable and providing the nickname of the certificate that will be
as the value in the
tool to verify that signed audit logs
AuditVerify
signedAuditCertNickname
caSigningCert
parameter
Advertisement
Table of Contents
