115 log file naming conventions – HP Secure Key Manager User Manual
Page 222
Your rotation schedule can be set to automatically rotate logs on a daily, weekly, or monthly basis, at
any time of day. The system maintains these settings for each log type; your Activity and Audit logs,
for example, can adhere to different schedules.
By specifying a maximum log file size, you can ensure that logs are rotated when they reach a certain
size, regardless of their rotation schedule.
For example, you can schedule that system rotate the Audit Log every Sunday morning at 3:15 or when
the file size reaches 100 MB, whichever comes first.
Log archives
If you do not configure the log transfer feature, old log files are stored on the SKM. For each type of log,
you can select the maximum number of log files that can be archived. When that maximum number is
reached, any new addition to the log archive will remove the oldest log file.
For example, suppose you limit the number of archived System Logs to six and do not enable the log
transfer feature. After six System Log rotations, the archive is full. The next time you rotate the System log,
the oldest System log file on the SKM will be removed to make room for the latest System log file.
If you limit the number of archived System Logs to six and do enable the log transfer feature, logs that
would normally be deleted are instead sent to the transfer destination.
If you set the number of archived logs to zero, no logs will be archived. Rotated logs will either be deleted
or sent to the transfer destination, depending on your log transfer settings.
IMPORTANT:
The SKM should not be a permanent storage place for log files. You should transfer those files to
another location.
Log transfer
For more information on streaming Activity logs to a remote server, see
.
The SKM acts as a temporary repository for logs; it is not meant to store log files permanently. We
recommend that you enable the log transfer feature and store your log files on a log server.
There are four different ways you can transfer a log file off of an SKM: SCP, FTP, browser download,
and syslog. Because syslog and FTP are not secure protocols, we recommend that you use SCP to
transfer your log files.
When a log is rotated, if you have configured a transfer destination for that log, the SKM attempts to
transfer that log file to the location you have specified. If the file transfer fails, the log file sits in a queue
as the SKM attempts to transfer the file every two hours until it is successfully transferred. If the SKM
rotates the log before that file is successfully transferred, the SKM attempts to transfer both the current log
file and the log file that previously failed to transfer.
Log File naming convention
When a log file is transferred off of the SKM, the following naming convention is applied:
<log type>.<archive number>.<datetime stamp>.<hostname>
Table 115 Log file naming conventions
Value
Description
log type
The type of log (e.g., System Log, Audit Log.)
archive number
This number indicates the file’s place in the log archive on the SKM. 1 indicates
the most recent log file.
datetime stamp
The date and time when the log file was created.
hostname
The hostname of the SKM.
222
Using the Management Console