Secure+ Parameters File Audit Log Entries
Each audit log has the following header:
[YYYYMMDD][HH:MM:SS:mmm][userid] |
When a parameter file is created or opened, an ID is generated that associates the change with the node being updated as shown in the following:
[YYYYMMDD][HH:MM:SS:mmm][userid][ParmFileID] |
The following fields may appear in a create, update, or delete audit record.
Field Name | Description |
---|---|
Name | Name of the node |
BaseRecord | Name of the base record |
Type | Record type of local, remote, or alias |
Protocol | Enables Connect:Direct® Secure Plus protocol |
Override | Enables overriding the current node |
AuthTimeOut | Authentication timeout |
SslTlsTrustedRootCertFile | Pathname to trusted roots file |
SslTlsCertFile | Pathname to key certificate file |
SslTlsCertPassphrase | Key certificate passphrase (masked) |
SslTlsEnableClientAuth | Enable client authentication |
SslTlsCertCommonName | Common name of the remote certificate to verify |
SslTlsEnableCipher | List of SSL/TLS cipher suites |
SslTlsSeaEnable | Enable external authentication |
SslTlsSeaCacheEnable | Enable caching External Authentication Server certificate validation response. |
SeaCacheValidityTime | Time duration during which the local cache entry is valid for certificates |
SeaGraceValidityTime | Number of hours when the local cache entry of certificate expires and External Authentication Server is unavailable such that Connect:Direct Secure Plus can accept it from its cache. |
SeaCertValDef | External authentication validation definition |
SeaHost | External authentication host name |
SeaPort | External authentication port number |
Secure+ Parameters File Audit Log Error Reporting
Errors are reported for the following logging functions: open log, write log, and lock log. If an error occurs during one of these functions, an error message is displayed, and the application is terminated. The lock function times out after 30 seconds. Typically, Secure+ Admin Tool or the Secure+ CLI hold the lock for less than one second per update.