Ticket 1160 audit needed for getKeyInfo; audit missing for auth/authz at REST. This patch addresses: (2) audit needed for getKeyInfo, the 2nd part of this ticket where the key services are missing some auditing.

1 files changed, 9 insertions, 1 deletions

diff --git a/base/server/cmsbundle/src/LogMessages.properties b/base/server/cmsbundle/src/LogMessages.properties
index 6fbd43404..e0e926ccb 100644
--- a/base/server/cmsbundle/src/LogMessages.properties
+++ b/base/server/cmsbundle/src/LogMessages.properties
@@ -2506,7 +2506,15 @@ LOGGING_SIGNED_AUDIT_SECURITY_DATA_RECOVERY_REQUEST_STATE_CHANGE_4=<type=SECURIT
 # RecoveryID must be the recovery request ID
 # Operation is the operation performed (approve, reject, cancel etc.)
 #
-LOGGING_SIGNED_AUDIT_SECURITY_DATA_RETRIEVE_KEY_5=<type=SECURITY_DATA_RETRIEVE_KEY>:[AuditEvent=SECURITY_DATA_RETRIEVE_KEY][SubjectID={0}][Outcome={1}][RecoveryID={2}][KeyID={3}][FailureReason={4}] security data retrieval request
+LOGGING_SIGNED_AUDIT_SECURITY_DATA_RETRIEVE_KEY_5=<type=SECURITY_DATA_RETRIEVE_KEY>:[AuditEvent=SECURITY_DATA_RETRIEVE_KEY][SubjectID={0}][Outcome={1}][RecoveryID={2}][KeyID={3}][Info={4}] security data retrieval request
+#
+# LOGGING_SIGNED_AUDIT_KEY_STATUS_CHANGE
+# - used when modify key status is executed
+# keyID must be an existing key id in the database
+# oldStatus is the old status to change from
+# newStatus is the new status to change to
+#
+LOGGING_SIGNED_AUDIT_KEY_STATUS_CHANGE_6=<type=KEY_STATUS_CHANGE>:[AuditEvent=KEY_STATUS_CHANGE][SubjectID={0}][Outcome={1}][KeyID={2}][OldStatus={3}][NewStatus={4}][Info={5}] Key Status Change
 #
 # LOGGING_SIGNED_AUDIT_SYMKEY_GEN_REQUEST_PROCESSED
 # - used when symmetric key generation request is processed