From de9f890133e3acc660b985e8ef5950507d341a03 Mon Sep 17 00:00:00 2001 From: Ade Lee Date: Tue, 23 May 2017 12:14:06 -0400 Subject: Make sure archivalID is passed through archival There was some confusion in the previous commit for archival logging. The archivalID is the id provided by the CA for the archival and is its requestID. This allows the cert request operation to be tracked through the archival. Made sure therefore, that we have two fields - one for the archivalID and one for the requestId (which is the KRA archival request ID) In addition, some of the archival events occur in the CA component just before the request id sent to the KRA. These events will not be displayed unless the audit event is added to the CA CS.cfg. Change-Id: I3904d42ae677d5916385e0120f0e25311b4d9d08 --- base/server/cmsbundle/src/LogMessages.properties | 16 +++++++++++----- 1 file changed, 11 insertions(+), 5 deletions(-) (limited to 'base/server/cmsbundle/src') diff --git a/base/server/cmsbundle/src/LogMessages.properties b/base/server/cmsbundle/src/LogMessages.properties index 44eec2347..66a7fd072 100644 --- a/base/server/cmsbundle/src/LogMessages.properties +++ b/base/server/cmsbundle/src/LogMessages.properties @@ -2414,17 +2414,23 @@ LOGGING_SIGNED_AUDIT_CONFIG_SERIAL_NUMBER_1=:[AuditEv # LOGGING_SIGNED_AUDIT_SECURITY_DATA_ARCHIVAL_REQUEST_PROCESSED # - used when user security data archive request is processed # this is when DRM receives and processed the request -# Client ID must be the user supplied client ID associated with +# ArchivalRequestID is the requestID provided by the CA through the connector +# It is used to track the request through from CA to KRA. +# RequestId is the KRA archival request ID +# ClientKeyID must be the user supplied client ID associated with # the security data to be archived # -LOGGING_SIGNED_AUDIT_SECURITY_DATA_ARCHIVAL_REQUEST_PROCESSED=:[AuditEvent=SECURITY_DATA_ARCHIVAL_REQUEST_PROCESSED][SubjectID={0}][Outcome={1}][ArchivalRequestID={2}][ClientKeyID={3}][KeyID={4}][FailureReason={5}][PubKey={6}] security data archival request processed +LOGGING_SIGNED_AUDIT_SECURITY_DATA_ARCHIVAL_REQUEST_PROCESSED=:[AuditEvent=SECURITY_DATA_ARCHIVAL_REQUEST_PROCESSED][SubjectID={0}][Outcome={1}][ArchivalRequestID={2}][RequestId={3}][ClientKeyID={4}][KeyID={5}][FailureReason={6}][PubKey={7}] security data archival request processed # # LOGGING_SIGNED_AUDIT_SECURITY_DATA_ARCHIVAL_REQUEST # - used when security data recovery request is made -# RecoveryID must be the recovery request ID -# CientID is the ID of the security data to be archived +# ArchivalRequestID is the requestID provided by the CA through the connector +# It is used to track the request through from CA to KRA. +# RequestId is the KRA archival request ID +# ClientKeyID must be the user supplied client ID associated with +# the security data to be archived # -LOGGING_SIGNED_AUDIT_SECURITY_DATA_ARCHIVAL_REQUEST=:[AuditEvent=SECURITY_DATA_ARCHIVAL_REQUEST][SubjectID={0}][Outcome={1}][ArchivalRequestID={2}][ClientKeyID={3}] security data archival request made +LOGGING_SIGNED_AUDIT_SECURITY_DATA_ARCHIVAL_REQUEST=:[AuditEvent=SECURITY_DATA_ARCHIVAL_REQUEST][SubjectID={0}][Outcome={1}][ArchivalRequestID={2}][RequestId={3}][ClientKeyID={4}] security data archival request made # # # LOGGING_SIGNED_AUDIT_SECURITY_DATA_RECOVERY_REQUEST_PROCESSED -- cgit