auditUtility auditReader
The auditUtility auditReader
command decrypts and unsigns an audit log that is encrypted, signed, or both. The command must specify the locations of the audit log and the output file.
Usage examples
The following example demonstrates the proper syntax to decrypt an audit log that is encrypted:
auditUtility auditReader --auditFileLocation=c:/wlp/usr/servers/myserver/logs/audit.log --outputFilelocation=c:/decryptedAuditLogs/decrypted_audit.log --encrypted=true --encKeyStoreLocation=c:/wlp/usr/servers/myserver/mykeystore.PKCS12 --encKeyStorePassword=libertypwd --encKeyStoreType=PKCS12
The following example demonstrates the proper syntax to unsign an audit log that is signed:
auditUtility auditReader --auditFileLocation=c:/wlp/usr/servers/myserver/logs/audit.log --outputFilelocation=c:/unsignedAuditLogs/unsigned_audit.log --signed=true --signingKeyStoreLocation=c:/wlp/usr/servers/myserver/mySiginingKeystore.PKCS12 --signingKeyStorePassword=libertypwd --signingKeyStoreType=PKCS12
Syntax
Run the command from the path_to_liberty/wlp/bin
directory.
auditUtility {auditReader|help} [options]
Options
The following options are available for the auditUtility auditReader
command.
Option | Description |
---|---|
| Specify the fully qualified location of the audit log to decrypt and unsign. This option is required. |
| Specify the fully qualified location of the resulting output log. This option is required. |
| Specify |
| Specify |
| Specify the fully-qualified file location of the keystore that stores the certificate that is used to decrypt the audit records. |
| Specify the password for the keystore that contains the certificate that is used to decrypt the audit records. |
| Specify the type of the encryption keystore. Supported keystore types are |
| Specify |
| Specify the fully-qualified file location of the keystore which stores the certificate used to unsign the audit records. |
| Specify the password for the keystore that contains the certificate that is used to unsign the audit records. |
| Specify the type of the signing keystore. Supported keystore types are |
Exit codes
The following exit codes are available for the auditUtility auditReader
command:
Code | Explanation |
---|---|
0 | OK. 0 indicates successful completion of the requested operation. |
1 | This code indicates a generic error. |
2 | This code indicates that the server is not found. |
3 | This code indicates that the client is not found. |
4 | This code indicates that the path can not be created. |
5 | This code indicates that the file already exists. |