auditUtility auditReader

The auditUtility auditReader command decrypts and unsigns an audit log that is encrypted, signed, or both. The command must specify the locations of the audit log and the output file.

Usage examples

The following example demonstrates the proper syntax to decrypt an audit log that is encrypted:

auditUtility auditReader
  --auditFileLocation=c:/wlp/usr/servers/myserver/logs/audit.log
  --outputFilelocation=c:/decryptedAuditLogs/decrypted_audit.log
  --encrypted=true
  --encKeyStoreLocation=c:/wlp/usr/servers/myserver/mykeystore.PKCS12
  --encKeyStorePassword=libertypwd
  --encKeyStoreType=PKCS12

The following example demonstrates the proper syntax to unsign an audit log that is signed:

auditUtility auditReader
  --auditFileLocation=c:/wlp/usr/servers/myserver/logs/audit.log
  --outputFilelocation=c:/unsignedAuditLogs/unsigned_audit.log
  --signed=true
  --signingKeyStoreLocation=c:/wlp/usr/servers/myserver/mySiginingKeystore.PKCS12
  --signingKeyStorePassword=libertypwd
  --signingKeyStoreType=PKCS12

Syntax

Run the command from the path_to_liberty/wlp/bin directory.

auditUtility {auditReader|help} [options]

Options

The following options are available for the auditUtility auditReader command.

*Options for the auditUtility auditReader command.*
Option	Description
`--auditFileLocation`=[location of encrypted, signed, or encrypted and signed audit log]	Specify the fully qualified location of the audit log to decrypt and unsign. This option is required.
`--outputFileLocation`=[location of resulting decrypted and unsigned audit log]	Specify the fully qualified location of the resulting output log. This option is required.
`--debug`=[true\|false]	Specify `true` to enable trace. Debug is disabled by default.
`--encrypted`=[true\|false]	Specify `true` if the audit log is encrypted and `false` if it is not encrypted.
`--encKeyStoreLocation`=[fully-qualified file location of keystore used to store the certificate used to decrypt audit records.]	Specify the fully-qualified file location of the keystore that stores the certificate that is used to decrypt the audit records.
`--encKeyStorePassword`=[password]	Specify the password for the keystore that contains the certificate that is used to decrypt the audit records.
`--encKeyStoreType`=[JKS\|JCEKS\|PKCS12]	Specify the type of the encryption keystore. Supported keystore types are `JKS`, `JCEKS`, and `PKCS12`.
`--signed`=[true\|false]	Specify `true` if the audit log is signed and `false` if it is not signed.
`--signingKeyStoreLocation`=[fully-qualified file location of keystore used to store the certificate that is used to unsign audit records.]	Specify the fully-qualified file location of the keystore which stores the certificate used to unsign the audit records.
`--signingKeyStorePassword`=[password]	Specify the password for the keystore that contains the certificate that is used to unsign the audit records.
`--signingKeyStoreType`=[JKS\|JCEKS\|PKCS12]	Specify the type of the signing keystore. Supported keystore types are `JKS`, `JCEKS`, and `PKCS12`.

Exit codes

The following exit codes are available for the auditUtility auditReader command:

*Exit codes for the auditUtility auditReader command*
Code	Explanation
0	OK. 0 indicates successful completion of the requested operation.
1	This code indicates a generic error.
2	This code indicates that the server is not found.
3	This code indicates that the client is not found.
4	This code indicates that the path can not be created.
5	This code indicates that the file already exists.