CONFIG_ROLE Audit Event - dogtagpki/pki GitHub Wiki

Overview

The CONFIG_ROLE audit event is generated when configuring role information (anything under users/groups) add/remove/edit a role, etc).

Properties:

  • ParamNameValPairs must be a name;;value pair (where name and value are separated by the delimiter ;;) separated by + (if more than one name;;value pair) of config params changed

Examples

Adding User

Use PKI CLI to add a user:

$ pki -n caadmin ca-user-add testuser --fullName "Test User" --password Secret.123

The server will generate the following events:

[AuditEvent=CONFIG_ROLE][SubjectID=caadmin][Outcome=Success][ParamNameValPairs=S
cope;;users+Operation;;OP_ADD+Resource;;testuser+password;;********+phone;;<null
>+state;;<null>+userType;;<null>+fullname;;Test User+email;;<null>] role configu
ration parameter(s) change

Adding Group Member

Use PKI CLI to add a member to a group:

$ pki -n caadmin ca-group-member-add Administrators testuser

The server will generate the following events:

[AuditEvent=CONFIG_ROLE][SubjectID=caadmin][Outcome=Success][ParamNameValPairs=S
cope;;members+Operation;;OP_ADD+Resource;;Administrators+user;;testuser] role co
nfiguration parameter(s) change
Tip
 To find a page in the Wiki, enter the keywords in search field, press Enter, then click Wikis.
⚠️ **GitHub.com Fallback** ⚠️