Hardware Security Module (HSM)

Workload location	Hardware
Audit log source	Syslog format
Audited operations	Create Hewlett Packard Enterprise Integrated Lights-Out (HPE iLO) tenant key Create NetApp ONTAP tenant key

Create HPE iLO tenant key

Fields in the log entry that contain audit information
Audit metadata	Audit field name	Value
User or service identity	Not applicable	Not applicable
Target (Fields and values that call the API)	Not applicable	Not applicable
Action (Fields containing the performed operation)	`message.action`	For example, "message":{ "action":"Create Key" }
Event timestamp	`time`	For example, `"time":"2022-11-14T14:55:53.051642Z"`
Source of action	`message.sourceIPs`	For example, "message":{ "sourceIPs":["10.142.0.27"] }
Outcome	`message.response`	Either `success` or `failure`. For example, "message":{ "response":"success" }
Other fields	The `message.description` field contains the complete log message retrieved directly from the HSM.	For more information, see the Example log.

Example log

{
  "pri":"14",
  "time":"2022-11-14T14:55:53.051642Z",
  "host":"hsmcluster",
  "ident":"hsmcluster",
  "pid":"-",
  "msgid":"-",
  "extradata":"-",
  "message":{
    "time":"2022-11-14T14:55:53.051642Z",
    "auditID":"bda22019-e565-4781-9c81-7a148cd1dfec",
    "user":{},
    "resource":"gpc-system/8b06-ddef1a-d643-469c-8a96-2339b1c",
    "action":"Create Key",
    "description":{
      "account":"kylo:kylo-ddb1c-f5a5:admin:accounts:kylo-ddadef1a-d643-23c",
      "application":"ncryptify:gemalto:admin:apps:kylo",
      "client_ip":"10.142.0.27",
      "createdAt":"2022-11-14T14:55:53.051642Z",
      "details":{
        "algorithm":"AES",
        "aliases":[{
          "alias":"ontap-admin-org-1-e09a731927eca3c",
          "index":0,
          "type":"string"
          }],
        "domain":"ddadef1a-d643-469c-8a96-23333e169b1c",
        "id":"8b0aec4f428354248f766",
        "name":"ontap-admin-org-1-e09a731927eca3c",
        "objectType":"Symmetric Key",
        "ownerId":"local|2620af75-cfd5-4279-88f1-c7977a317224",
        "size":256,
        "uri":"kylo:kylo-ddadef1a-d643-469c-8a96-233e16b1c:vault:keys:ontap-admin-org-1-e09a731927eca3c-v0",
        "usageMask":12
        },
      "devAccount":"ncryptify:gemalto:admin:accounts:gemalto",
      "id":"e352167a-60ce-4054-be1a-5cd09f2c64f4",
      "message":"Create Key",
      "principal":{
        "acc":"kylo/ddadef1a-d643-469c-8a96-23333e169b1c",
        "acct":"kylo:kylo-ddadefe169b1c:admin:accounts:kylo-ddadef1a-d643-469c-8a96-23333e169b1c",
        "iss":"kylo",
        "sub":"local|2620af75-cfd5-4279-88f1-c7977a317224"
        },
      "service":"minerva",
      "severity":"info",
      "source":"ciphertrust",
      "success":true,
      "requestId":"b0e2bc 72-63e3-446e-80d3-2d2dc8987915",
      "uri":"kylo:kylo-ddadef1a-d643-469c-8a96-233339b1c:audit:records:e3567a-60ce-4054-be1a-5cdf4",
      "username":"admin"
      },
    "sourceIPs":["10.142.0.27"],
    "response":"success",
    "_gdch_org":"org-1-admin",
    "_gdch_service":"hsm"
    },
  "_gdch_cluster":"org-1-admin",
  "_gdch_fluentbit_pod":"anthos-audit-logs-forwarder-ttg7r",
  "_gdch_service_name":"admin-audit-logs"
}

Create NetApp ONTAP tenant key

Fields in the log entry that contain audit information
Audit metadata	Audit field name	Value
User or service identity	Not applicable	Not applicable
Target (Fields and values that call the API)	Not applicable	Not applicable
Action (Fields containing the performed operation)	`message.action`	For example, "message":{ "action":"Create Key" }
Event timestamp	`time`	For example, `"time":"2022-11-14T14:55:53.051642Z"`
Source of action	`message.sourceIPs`	For example, "message":{ "sourceIPs":["10.142.0.27"] }
Outcome	`message.response`	Either `success` or `failure`. For example, "message":{ "response":"success" }
Other fields	The `message.description` field contains the complete log message retrieved directly from the HSM.	For more information, see the Example log.

Example log

{
  "pri":"14",
  "time":"2022-11-14T14:55:53.051642Z",
  "host":"hsmcluster",
  "ident":"hsmcluster",
  "pid":"-",
  "msgid":"-",
  "extradata":"-",
  "message":{
    "time":"2022-11-14T14:55:53.051642Z",
    "auditID":"bda22019-e565-4781-9c81-7a148cd1dfec",
    "user":{},
    "resource":"gpc-system/8b06-ddef1a-d643-469c-8a96-2339b1c",
    "action":"Create Key",
    "description":{
      "account":"kylo:kylo:admin:accounts:kylo",
      "application":"ncryptify:gemalto:admin:apps:kylo",
      "client_ip":"10.142.0.27",
      "createdAt":"2022-11-14T14:55:53.051642Z",
      "details":{
        "algorithm":"AES",
        "aliases":[{
          "alias":"ten-user-org-1",
          "index":0,
          "type":"string"
          }],
        "domain":"root",
        "id":"8b0aec4f428354248f766",
        "name":"ten-user-org-1",
        "objectType":"Symmetric Key",
        "ownerId":"",
        "size":256,
        "uri":"kylo:kylo:vault:keys:ten-user-org-1-v0",
        "usageMask":4194303
        },
      "devAccount":"ncryptify:gemalto:admin:accounts:gemalto",
      "id":"e352167a-60ce-4054-be1a-5cd09f2c64f4",
      "message":"Create Key",
      "principal":{
        "acc":"kylo",
        "acct":"kylo:kylo:admin:accounts:kylo",
        "iss":"kylo",
        "sub":"local|2620af75-cfd5-4279-88f1-c7977a317224"
        },
      "service":"minerva",
      "severity":"info",
      "source":"ciphertrust",
      "success":true,
      "requestId":"b0e2bc 72-63e3-446e-80d3-2d2dc8987915",
      "uri":"kylo:kylo:audit:records:e3567a-60ce-4054-be1a-5cdf4",
      "username":"admin"
      },
    "sourceIPs":["10.142.0.27"],
    "response":"success",
    "_gdch_org":"org-1-admin",
    "_gdch_service":"hsm"
    },
  "_gdch_cluster":"org-1-admin",
  "_gdch_fluentbit_pod":"anthos-audit-logs-forwarder-ttg7r",
  "_gdch_service_name":"admin-audit-logs"
}