The following audit events are enabled by default in TPS subsystem:
Event | Filter |
---|---|
ACCESS_SESSION_ESTABLISH | |
ACCESS_SESSION_TERMINATED | |
AUDIT_LOG_SIGNING | |
AUDIT_LOG_STARTUP | |
AUTH | |
AUTHZ | |
CLIENT_ACCESS_SESSION_ESTABLISH | |
CLIENT_ACCESS_SESSION_TERMINATED | |
CONFIG_ACL | |
CONFIG_AUTH | |
CONFIG_ENCRYPTION | |
CONFIG_ROLE | |
CONFIG_SIGNED_AUDIT | |
CONFIG_TOKEN_AUTHENTICATOR | |
CONFIG_TOKEN_CONNECTOR | |
CONFIG_TOKEN_MAPPING_RESOLVER | |
CONFIG_TOKEN_RECORD | |
CONFIG_TRUSTED_PUBLIC_KEY | |
KEY_GEN_ASYMMETRIC | |
LOG_PATH_CHANGE | |
RANDOM_GENERATION | (Outcome=Failure) |
ROLE_ASSUME | |
SCHEDULE_CRL_GENERATION | |
SELFTESTS_EXECUTION | |
SERVER_SIDE_KEYGEN_REQUEST | |
SERVER_SIDE_KEYGEN_REQUEST_PROCESSED | |
TOKEN_APPLET_UPGRADE | (Outcome=Failure) |
TOKEN_KEY_CHANGEOVER | (Outcome=Failure) |
TOKEN_KEY_CHANGEOVER_REQUIRED |
This information can also be obtained with the following command:
$ pki-server tps-audit-event-find --enabledByDefault True