You can use the Jython scripting language to configure the security auditing system with the wsadmin tool. Use the commands and parameters in the AuditKeyStoreCommands group to configure audit keystores in the security auditing system.
Creates a keystore in the audit.xml file. The system uses this keystore to encrypt audit records.
The user must have the auditor administrative role to run this command.
Target object
None.
Required parameters
Optional parameters
Return value
KeyStore_1173199825578
Batch mode example usage
AdminTask.createAuditKeyStore('-keyStoreName mynewkeystore -keyStoreLocation
c:\install_root\appserver\profiles\AppSrv01\config\cells -keyStorePassword
myPwd -keyStorePasswordVerify myPwd -keyStoreProvider IBMJCE -scopeName (cell):Node04Cell')
AdminTask.createAuditKeyStore(['-keyStoreName', 'mynewkeystore', '-keyStoreLocation',
'c:\install_root\appserver\profiles\AppSrv01\config\cells', '-keyStorePassword',
'myPwd', '-keyStorePasswordVerify', 'myPwd', '-keyStoreProvider', 'IBMJCE',
'-scopeName', '(cell):Node04Cell'])
Interactive mode example usage
AdminTask.createAuditKeyStore('-interactive')
The deleteAuditKeyStore command removes the reference to an audit keystore from the audit.xml configuration file.
The user must have the auditor administrative role to run this command.
Target object
None.
Required parameters
Optional parameters
Return value
The command returns a value of true if the system successfully removes the reference to the keystore from the audit.xml configuration file.
Batch mode example usage
AdminTask.deleteAuditKeyStore('-keyStoreName AuditDefaultKeyStore -scopeName
(cell):Node04Cell -removeKeyStoreFile false')
AdminTask.deleteAuditKeyStore(['-keyStoreName', 'AuditDefaultKeyStore', '-scopeName',
'(cell):Node04Cell', '-removeKeyStoreFile', 'false'])
Interactive mode example usage
AdminTask.deleteAuditKeyStore('-interactive')
The getAuditKeyStoreInfo command returns a list of attributes for the keystore that the system uses to encrypt audit records.
The user must have the monitor administrative role to run this command.
Target object
None.
Required parameters
Optional parameters
Return value
{{location ${CONFIG_ROOT}/audittrust.p12} {password *****} {_Websphere_Config_Data_Id cells/Node04Cell|audit.xml#KeyStore_1173199825578} {_Websphere_Config_Data_Version {}} {useForAcceleration false} {slot 0} {type PKCS12} {additionalKeyStoreAttrs {}} {fileBased true} {_Websphere_Config_Data_Type KeyStore} {customProviderClass {}} {hostList {}} {createStashFileForCMS false} {description {keyStore description}} {readOnly false} {initializeAtStartup true} {managementScope (cells/Node04Cell|audit.xml#ManagementScope_1173199825608)}
Batch mode example usage
AdminTask.getAuditKeyStoreInfo('-keyStoreName AuditDefaultKeyStore')
AdminTask.getAuditKeyStoreInfo(['-keyStoreName', 'AuditDefaultKeyStore'])
Interactive mode example usage
AdminTask.getAuditKeyStoreInfo('-interactive')
The listAuditKeyStores command lists the attributes for the audit keystores within a specific management scope or for all audit keystores.
The user must have the monitor administrative role to run this command.
Target object
None.
Optional parameters
Return value
{{location ${CONFIG_ROOT}/audittrust.p12} {password *****} {_Websphere_Config_Data_Id cells/Node04Cell|audit.xml#KeyStore_1173199825578} {_Websphere_Config_Data_Version {}} {useForAcceleration false} {slot 0} {type PKCS12} {additionalKeyStoreAttrs {}} {fileBased true} {_Websphere_Config_Data_Type KeyStore} {customProviderClass {}} {hostList {}} {keyStoreRef KeyStore_1173199825578} {createStashFileForCMS false} {description {keyStore description}} {managementScope (cells/Node04Cell|audit.xml#ManagementScope_1173199825608)} {readOnly false} {initializeAtStartup true} {usage {}} {provider IBMJCE}{name AuditDefaultKeyStore}} {{location c:\install_root\appserver\profiles\AppSrv01\config\cells} {password *****} {_Websphere_Config_Data_Id cells/Node04Cell|audit.xml#KeyStore_1184700968484} {_Websphere_Config_Data_Version {}} {useForAcceleration false} {slot 0} {type PKCS12} {additionalKeyStoreAttrs {}} {fileBased true} {_Websphere_Config_Data_Type KeyStore} {customProviderClass {}} {hostList {}} {keyStoreRef KeyStore_1184700968484} {createStashFileForCMS false} {description {}} {managementScope {}} {readOnly false} {initializeAtStartup false} {usage {}} {provider IBMJCE} {name mykeystore}}
Batch mode example usage
AdminTask.listAuditKeyStores('-scopeName (cell):Node04Cell')
AdminTask.listAuditKeyStores(['-scopeName', '(cell):Node04Cell'])
Interactive mode example usage
AdminTask.listAuditKeyStores('-interactive')
The modifyAuditKeyStore command modifies the keystore reference in the audit.xml file. The command edits keystore that encrypts audit records.
The user must have the auditor administrative role to run this command.
Target object
None.
Required parameters
Optional parameters
Return value
The command returns a value of true if the system successfully modifies the keystore.
Batch mode example usage
AdminTask.modifyAuditKeyStore('-keyStoreName AuditDefaultKeyStore -scopeName
(cell):Node04Cell -keyStoreType PKCS12 -keyStoreLocation
c:\install_root\appserver\profiles\AppSrv01\config\cells\Node04Cell\audittrust.p12
-keyStorePassword myPwd')
AdminTask.modifyAuditKeyStore(['-keyStoreName', 'AuditDefaultKeyStore', '-scopeName',
'(cell):Node04Cell', '-keyStoreType', 'PKCS12', '-keyStoreLocation',
'c:\install_root\appserver\profiles\AppSrv01\config\cells\Node04Cell\audittrust.p12',
'-keyStorePassword', 'myPwd'])
Interactive mode example usage
AdminTask.modifyAuditKeyStore('-interactive')