5.2. Syntax
The
AuditVerify tool has the following syntax:
AuditVerify -d dbdir -n signing_certificate_nickname -a logListFile [-P cert/key_db_prefix] [-v]
| Option | Description |
|---|---|
a |
Specifies the text file containing a comma separated list (in chronological order) of the signed audit logs to be verified. The contents of the logListFile are the full paths to the audit logs. For example:
/var/log/pki-ca/signedAudit/ca_cert-ca_audit, /var/log/pki-ca/signedAudit/ca_cert-ca_audit.20030227102711, /var/log/pki-ca/signedAudit/ca_cert-ca_audit.20030226094015
This file should be created in a directory which is writeable by the auditor, such as a special auditing directory like
~jsmith/auditDir.
|
d | Specifies the directory containing the security databases with the imported audit log signing certificate. This directory is almost always the auditor's own personal certificate databases in a personal directory, such as ~jsmith/auditVerifyDir/. |
n | Gives the nickname of the certificate used to sign the log files. The nickname is whatever was used when the log signing certificate was imported into that database. |
P | Optional. The prefix to prepend to the certificate and key database filenames. If used, a value of empty quotation marks (“”) should be specified for this argument, since the auditor is using separate certificate and key databases from the Certificate System instance and it is unlikely that the prefix should be prepended to the new audit security database files. |
v | Optional. Specifies verbose output. |
