authorEndi S. Dewata <edewata@redhat.com>2017-01-17 12:19:52 +0100
committerEndi S. Dewata <edewata@redhat.com>2017-03-28 00:37:55 +0200
commit18412763e4ec09f4892c2a7b502d72ebfd9fec2a (patch)
treee2360a5e9848c42c2d2ee7c1e5a3beb0155b63ea /base/server/cmsbundle
parent8cf4c5fadd2d5a154c99430be9898f37163bdac7 (diff)
Added audit logs for SSL/TLS events.
The CMSStartServlet has been modified to register an SSL socket listener called PKIServerSocketListener with TomcatJSS. The PKIServerSocketListener will receive the alerts generated by SSL server sockets and generate ACCESS_SESSION_* audit logs. The CS.cfg files for all subsystems have been modified to include ACCESS_SESSION_* audit events. https://pagure.io/dogtagpki/issue/2602 Change-Id: If7fb6c1b096ec8c68d1fd08f9132baf099816f11
Diffstat (limited to 'base/server/cmsbundle')
-rw-r--r--base/server/cmsbundle/src/LogMessages.properties27
1 files changed, 27 insertions, 0 deletions
diff --git a/base/server/cmsbundle/src/LogMessages.properties b/base/server/cmsbundle/src/LogMessages.properties
index 0bcbcc543..dde53ba73 100644
--- a/base/server/cmsbundle/src/LogMessages.properties
+++ b/base/server/cmsbundle/src/LogMessages.properties
@@ -2711,6 +2711,33 @@ LOGGING_SIGNED_AUDIT_TOKEN_STATE_CHANGE_8=<type=TOKEN_STATE_CHANGE>:[AuditEvent=
# separated by + (if more than one name;;value pair) of config params changed
#
LOGGING_SIGNED_AUDIT_AUTHORITY_CONFIG_3=<type=AUTHORITY_CONFIG>:[AuditEvent=AUTHORITY_CONFIG][SubjectID={0}][Outcome={1}][ParamNameValPairs={2}] lightweight authority configuration change
+#
+# LOGGING_SIGNED_AUDIT_ACCESS_SESSION_ESTABLISH_FAILURE
+# - used when access session failed to establish
+# ParamNameValPairs must be a name;;value pair
+# (where name and value are separated by the delimiter ;;)
+# separated by + (if more than one name;;value pair) of config params changed
+#
+LOGGING_SIGNED_AUDIT_ACCESS_SESSION_ESTABLISH_FAILURE=\
+<type=ACCESS_SESSION_ESTABLISH_FAILURE>:[AuditEvent=ACCESS_SESSION_ESTABLISH_FAILURE][ClientIP={0}][ServerIP={1}][SubjectID={2}][Outcome=Failure][Info={3}] access session establish failure
+#
+# LOGGING_SIGNED_AUDIT_ACCESS_SESSION_ESTABLISH_SUCCESS
+# - used when access session was established successfully
+# ParamNameValPairs must be a name;;value pair
+# (where name and value are separated by the delimiter ;;)
+# separated by + (if more than one name;;value pair) of config params changed
+#
+LOGGING_SIGNED_AUDIT_ACCESS_SESSION_ESTABLISH_SUCCESS=\
+<type=ACCESS_SESSION_ESTABLISH_SUCCESS>:[AuditEvent=ACCESS_SESSION_ESTABLISH_SUCCESS][ClientIP={0}][ServerIP={1}][SubjectID={2}][Outcome=Success] access session establish success
+#
+# LOGGING_SIGNED_AUDIT_ACCESS_SESSION_TERMINATED
+# - used when access session was terminated
+# ParamNameValPairs must be a name;;value pair
+# (where name and value are separated by the delimiter ;;)
+# separated by + (if more than one name;;value pair) of config params changed
+#
+LOGGING_SIGNED_AUDIT_ACCESS_SESSION_TERMINATED=\
+<type=ACCESS_SESSION_TERMINATED>:[AuditEvent=ACCESS_SESSION_TERMINATED][ClientIP={0}][ServerIP={1}][SubjectID={2}][Outcome=Success] access session terminated
###########################