Configuring Logs In The Cs.cfg File; Configuring Logs In The Cs.cfg File For The Ca, Ocsp, Drm, And Tks - Red Hat CERTIFICATE SYSTEM 8.0 - ADMINISTRATION Admin Manual
Hide thumbs
Also See for CERTIFICATE SYSTEM 8.0 - ADMINISTRATION:
- Using manual (48 pages) ,
- Agents manual (146 pages) ,
- Manual (124 pages)
Table of Contents
Advertisement
Chapter 15. Configuring Subsystem Logs
15.4. Configuring Logs in the CS.cfg File
Along with configuring subsystem logging through the Console, logging can be configured by directory
editing the CS.cfg for the instance. This may be a convenience for the CA, OCSP, DRM, and TKS.
For the RA and the TPS, this is the only way to configure logging because, with the exception of TPS
audit logging, there is no way to configure logging in the RA or TPS administrator web services.
15.4.1. Configuring Logs in the CS.cfg File for the CA, OCSP, DRM,
and TKS
1. Stop the subsystem instance.
service instance_name stop
2. Open the CS.cfg file in the /var/lib/subsystem_name/conf directory.
3. To create a new log, copy all of the entries for either the system or transactions log. These are the
parameters that begin with log.instance.Transactions or log.instance.System. Paste
all entries at the bottom of the logging section and change the name of this instance by changing
the word Transactions or System in each parameter to the new name.
4. To configure a log instance, modify the parameters associated with that log. These parameters
begin with log.instance.
Parameter
type
enable
level
fileName
bufferSize
flushInterval
maxFileSize
rolloverInterval
1
register
2
logSigning
signedAuditCertNickname
370
Description
The type of log file. system creates error and system logs; transaction records audit
Sets whether the log is active. Only enabled logs actually record events.
Sets the log level in the text field. The level must be manually entered in the field; ther
setting is a numeric value, as listed in
The full path, including the filename, to the log file. The subsystem user should have r
The buffer size in kilobytes (KB) for the log. Once the buffer reaches this size, the con
copied to the log file. The default size is 512 KB. For more information on buffered log
Unbuffered
Logging".
The amount of time, in seconds, before the contents of the buffer are flushed out and
5 seconds.
The size, kilobytes (KB), a log file can become before it is rotated. Once it reaches thi
the log file is started new. For more information on log file rotation, see
2000 KB.
The frequency which the server rotates the active log file. The available choices are h
The default selection is monthly. For more information, see
If this variable is set to false (the default value), the self-test messages are only logg
selftests.container.logger.fileName. If this variable is set to true, then th
the log file specified by selftests.container.logger.fileName as well as to t
.Transactions. fileName.
Enables signed logging. When this parameter is enabled, provide a value for the sign
option means the log can only be viewed by an auditor. The value is either true or fa
2
The nickname of the certificate used to sign audit logs. The private key for this certific
order for it to sign the log.
Section 15.1.2, "Log Levels (Message Categori
Section 15.1.4, "Log File R
Section 15.1.4
Advertisement
Table of Contents
Need help?
Do you have a question about the CERTIFICATE SYSTEM 8.0 - ADMINISTRATION and is the answer not in the manual?