Fetch device audit log.
Fetch all current entries from the device Log Store.
yubihsm> audit get 0 0 unlogged boots found 0 unlogged authentications found Found 6 items item: 46 -- cmd: 0x4b -- length: 234 -- session key: 0x0001 -- target key: 0xcf94 -- second key: 0x997e -- result: 0xcb -- tick: 335725 -- hash: 415f51f1f035a1b713e730e4464e4033 item: 47 -- cmd: 0x4c -- length: 77 -- session key: 0x0001 -- target key: 0xaff7 -- second key: 0xffff -- result: 0xcc -- tick: 351714 -- hash: 5496a60d478c2b9c801d8d32ca66b554 item: 48 -- cmd: 0x00 -- length: 0 -- session key: 0xffff -- target key: 0x0000 -- second key: 0x0000 -- result: 0x00 -- tick: 0 -- hash: 14ac7747ba9bbb243cfc70befeb5349b item: 49 -- cmd: 0x03 -- length: 10 -- session key: 0xffff -- target key: 0x0001 -- second key: 0xffff -- result: 0x83 -- tick: 139 -- hash: b20a8f25c025e693a8e869b433294a20 item: 50 -- cmd: 0x04 -- length: 17 -- session key: 0xffff -- target key: 0x0001 -- second key: 0xffff -- result: 0x84 -- tick: 139 -- hash: ebfae425c319ac7a0afbb8b92597de7c item: 51 -- cmd: 0x67 -- length: 2 -- session key: 0x0001 -- target key: 0xffff -- second key: 0xffff -- result: 0xe7 -- tick: 697 -- hash: 2e395d1b706668737e1d2215813db47e
Tc = 0x4d |
Lc = 0 |
Vc = Ø |
Tr = 0xcd |
Lr = 2 + 2 + 1 + (N * 32) |
Vr = B || O || N || E1 || E2 || … || EN |
B := Number of unlogged boot events (if the log buffer is full and audit enforce is set) (2 bytes)
O := Number of unlogged authentication events (if the log buffer is full and audit enforce is set) (2 bytes)
N := Number of elements in the list (1 byte)
Ei := Generic log entry composed of
Command number (two bytes)
Command ID (one byte)
Command length (two bytes)
ID of the originating session’s authentication key (two bytes)
Target key affected by the command (two bytes)
Secondary key if the command affected more than one key (two bytes)
Result of the command on success or an error code if unsuccessful (one byte)
Systick when the command was processed (4 bytes)
Digest (16 bytes)
The digest is computed as trunc(16, SHA256(Ei.Data || trunc(16, Ei-1.Digest))). For the initial log entry, a random string of 32 bytes is used, instead of the digest of the previous message.
When the device initializes after a reset, a log entry with all fields set to
0xff
is logged.
When the device boots up, a log entry with all fields set to 0x00
is logged.