CONFIG_SERIAL_NUMBER Audit Event - dogtagpki/pki GitHub Wiki

Overview

The CONFIG_SERIAL_NUMBER audit event is generated when configuring serial number ranges (e.g. during cloning) for the legacy sequential serial number or RSNv3.

Examples

CA Cloning

Install a CA subsystem, then create a clone.

The primary CA will generate the following events during cloning:

[AuditEvent=CONFIG_SERIAL_NUMBER][SubjectID=caadmin][Outcome=Success][ParamNameV
alPairs=source;;updateNumberRange+type;;request+beginNumber;;9990001+endNumber;;
10000000] serial number range update
[AuditEvent=CONFIG_SERIAL_NUMBER][SubjectID=caadmin][Outcome=Success][ParamNameV
alPairs=source;;updateNumberRange+type;;serialNo+beginNumber;;fff0001+endNumber;
;10000000] serial number range update
[AuditEvent=CONFIG_SERIAL_NUMBER][SubjectID=caadmin][Outcome=Success][ParamNameV
alPairs=source;;updateNumberRange+type;;replicaId+beginNumber;;96+endNumber;;100
] serial number range update

The secondary CA will not have these events.

KRA Cloning

Install a KRA subsystem, then create a clone.

The primary KRA will generate the following events during cloning:

[AuditEvent=CONFIG_SERIAL_NUMBER][SubjectID=caadmin][Outcome=Success][ParamNameV
alPairs=source;;updateNumberRange+type;;request+beginNumber;;9990001+endNumber;;
10000000] serial number range update
[AuditEvent=CONFIG_SERIAL_NUMBER][SubjectID=caadmin][Outcome=Success][ParamNameV
alPairs=source;;updateNumberRange+type;;serialNo+beginNumber;;fff0001+endNumber;
;10000000] serial number range update
[AuditEvent=CONFIG_SERIAL_NUMBER][SubjectID=caadmin][Outcome=Success][ParamNameV
alPairs=source;;updateNumberRange+type;;replicaId+beginNumber;;96+endNumber;;100
] serial number range update

The secondary KRA will not have these events.

Tip
 To find a page in the Wiki, enter the keywords in search field, press Enter, then click Wikis.
⚠️ **GitHub.com Fallback** ⚠️