Verify audit record packages by confirming the contents
of the checksum file. A checksum file is included with each audit
record package to confirm that the package is valid and not corrupted.
Before you begin
Download the audit record package that you want to verify
from the console or
the external storage server.
You must be assigned the Auditing role with permission to View all auditing reports (Read-only) to perform these steps.
About this task
These steps also require use of base64 and openssl commands.
Procedure
- Obtain the public key for the audit record package from
the following URL: https://[PureApp server hostname
or IP address]/audit/resources/recordpackages?server_public_key,
where [server hostname or IP address] is the Cloud Pak System Software server
name or IP address.
- Save the public key information as a text file.
- Extract the comma-separated values (CSV) file and the checksum
file from the audit record package compressed file.
- Enter the base64 command to decode the
checksum file:
# cat puresystems-auto-audit-XXX.checksum | base64 --decode > decoded-puresystems-auto-audit-XXX.checksum
- Enter the openssl command to verify
the audit records:
# openssl dgst -sha512 -verify [publicKeyFile] -signature [decoded(checksum)File] [messageFile]
where
[messageFile] is
the CSV file that you extracted from the audit record compressed file.