auditUtility auditReader

The auditUtility auditReader command decrypts and unsigns an audit log that is encrypted, signed, or both. The command must specify the locations of the audit log and the output file.

Usage examples

The following example demonstrates the proper syntax to decrypt an audit log that is encrypted:

auditUtility auditReader
  --auditFileLocation=c:/wlp/usr/servers/myserver/logs/audit.log
  --outputFileLocation=c:/decryptedAuditLogs/decrypted_audit.log
  --encrypted=true
  --encKeyStoreLocation=c:/wlp/usr/servers/myserver/mykeystore.PKCS12
  --encKeyStorePassword=libertypwd
  --encKeyStoreType=PKCS12

The following example demonstrates the proper syntax to unsign an audit log that is signed:

auditUtility auditReader
  --auditFileLocation=c:/wlp/usr/servers/myserver/logs/audit.log
  --outputFileLocation=c:/unsignedAuditLogs/unsigned_audit.log
  --signed=true
  --signingKeyStoreLocation=c:/wlp/usr/servers/myserver/mySiginingKeystore.PKCS12
  --signingKeyStorePassword=libertypwd
  --signingKeyStoreType=PKCS12

Syntax

Run the command from the path_to_liberty/wlp/bin directory.

auditUtility {auditReader|help} [options]

Options

The following options are available for the auditUtility auditReader command.

Options for the auditUtility auditReader command
Option / Description

--auditFileLocation=[location of encrypted, signed, or encrypted and signed audit log]

Specify the fully qualified location of the audit log to decrypt and unsign. This option is required.

--outputFileLocation=[location of resulting decrypted and unsigned audit log]

Specify the fully qualified location of the resulting output log. This option is required.

--debug=[true|false]

Specify true to enable trace. Debug is disabled by default.

--encrypted=[true|false]

Specify true if the audit log is encrypted and false if it is not encrypted.

--encKeyStoreLocation=[fully-qualified file location of keystore used to store the certificate used to decrypt audit records.]

Specify the fully-qualified file location of the keystore that stores the certificate that is used to decrypt the audit records.

--encKeyStorePassword=[password]

Specify the password for the keystore that contains the certificate that is used to decrypt the audit records.

--encKeyStoreType=[JKS|JCEKS|PKCS12]

Specify the type of the encryption keystore. Supported keystore types are JKS, JCEKS, and PKCS12.

--signed=[true|false]

Specify true if the audit log is signed and false if it is not signed.

--signingKeyStoreLocation=[fully-qualified file location of keystore used to store the certificate that is used to unsign audit records.]

Specify the fully-qualified file location of the keystore that stores the certificate that is used to unsign the audit records.

--signingKeyStorePassword=[password]

Specify the password for the keystore that contains the certificate that is used to unsign the audit records.

--signingKeyStoreType=[JKS|JCEKS|PKCS12]

Specify the type of the signing keystore. Supported keystore types are JKS, JCEKS, and PKCS12.

Exit codes

The following exit codes are available for the auditUtility auditReader command:

Exit codes for the auditUtility auditReader command

Code  Explanation
0     OK. 0 indicates successful completion of the requested operation.
1     This code indicates a generic error.
2     This code indicates that the server is not found.
3     This code indicates that the client is not found.
4     This code indicates that the path cannot be created.
5     This code indicates that the file already exists.
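
The options and exit codes above, combined in an added shell example that is not part of the product documentation: it handles a log that is encrypted, signed, or both in one call, rejects keystore types outside the documented list before anything runs, and reports the documented exit code. The install path, the AUDIT_* variable names and the function names are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the product documentation). AUDIT_UTILITY, the AUDIT_*
# variables and the function names are assumptions of this sketch.
AUDIT_UTILITY="${AUDIT_UTILITY:-/opt/wlp/bin/auditUtility}"  # assumed install path

# Map an exit code to the explanation in the "Exit codes" table.
explain_exit() {
  case "$1" in
    0) echo "OK" ;;
    1) echo "generic error" ;;
    2) echo "server not found" ;;
    3) echo "client not found" ;;
    4) echo "path cannot be created" ;;
    5) echo "file already exists" ;;
    *) echo "undocumented exit code $1" ;;
  esac
}

# Only the keystore types listed in the options table are accepted.
valid_type() { case "$1" in JKS|JCEKS|PKCS12) return 0 ;; *) return 1 ;; esac; }

# read_audit_log SRC DST: decrypt and/or unsign SRC into DST.
# Set AUDIT_ENC_KS (+ _PW, _TYPE) for an encrypted log, AUDIT_SIGN_KS (+ _PW, _TYPE)
# for a signed log, or both. Returns 64 when the pre-flight check fails (wrapper's choice).
read_audit_log() {
  src=$1 dst=$2
  [ -r "$src" ] || { echo "audit log not readable: $src" >&2; return 64; }
  set -- auditReader "--auditFileLocation=$src" "--outputFileLocation=$dst"
  if [ -n "${AUDIT_ENC_KS:-}" ]; then
    valid_type "${AUDIT_ENC_KS_TYPE:-}" || { echo "bad encKeyStoreType" >&2; return 64; }
    set -- "$@" --encrypted=true "--encKeyStoreLocation=$AUDIT_ENC_KS" \
      "--encKeyStorePassword=${AUDIT_ENC_KS_PW:-}" "--encKeyStoreType=$AUDIT_ENC_KS_TYPE"
  fi
  if [ -n "${AUDIT_SIGN_KS:-}" ]; then
    valid_type "${AUDIT_SIGN_KS_TYPE:-}" || { echo "bad signingKeyStoreType" >&2; return 64; }
    set -- "$@" --signed=true "--signingKeyStoreLocation=$AUDIT_SIGN_KS" \
      "--signingKeyStorePassword=${AUDIT_SIGN_KS_PW:-}" "--signingKeyStoreType=$AUDIT_SIGN_KS_TYPE"
  fi
  # umask 077 keeps a newly created cleartext output private to the invoking user.
  # The passwords are still visible in the process argument list while the command runs.
  ( umask 077; "$AUDIT_UTILITY" "$@" )
  rc=$?
  echo "auditReader: $(explain_exit "$rc")" >&2
  return "$rc"
}
```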