000019734 - How to configure which events the Logging Server records

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000019734
Applies ToKeon Certificate Authority 6.0.2
IssueHow to configure which events the Logging Server records
Configure events to log
Audit administrators' actions
Log administrators? activities
Log end-entities' activities
ResolutionThe following procedure describes how to configure what events the Logging Server records:

1. On the KCA Administration Console, click the System Configuration Workbench button

2. In the Navigation Area, click Logging Configuration

3. Select the ?Log on Success? and/or the ?Log on Failure? checkbox for each event that you want to log. Available events include:

- Key generation
- Sign an end-entity certificate
- Sign a CA certificate
- Download an end-entity certificate to a client
- Download a CA certificate to a client
- Download a CRL or OCSP signer certificate to a client
- Issue a CRL
- Import a CRL
- Re-sign a certificate
- Create a new CA
- Import a CA certificate from PKCS #12
- Create a new Administrator
- Create a new Vettor
- Update a CA certificate
- OCSP transactions, e.g. requestor details, time of OCSP request, and response status
- Create a CRL or OCSP signer certificate
- Sign a CRL or OCSP signer certificate
- Reinstate a CA certificate
- Suspend a CA certificate
- Revoke a CA certificate
- Reinstate an end-entity certificate
- Suspend an end-entity certificate
- Revoke a certificate
- Revoke a CRL or OCSP signer certificate
- Sign a reverse cross-certificate
- Import a forward cross-certificate
- Revoke a reverse cross-certificate
- Suspend a reverse cross-certificate
- Reinstate a reverse cross-certificate
- Delete a forward cross-certificate
- Download a reverse cross-certificate

Note that the operations a) delete certificate requests and b) delete certificate cannot be logged.

4. Click Save Current Logging Configuration

In the logs, the field "certificate presented:" identifies the Certificate ID (MD5) of the end-entity/administrator that executed the event logged, for example, the Certificate ID of the administrator that signed an end-entity certificate.
Legacy Article IDa11702

Attachments

    Outcomes