Audit Log Filter file naming conventions¶
The feature is in tech preview.
The audit log filter file name has the following qualities:
- Optional directory name
- Base name
- Optional suffix
- Compression adds the
- Encryption adds the
pwd_id represents the password used for encrypting the log files. The audit log filter plugin stores passwords in the keyring.
You can combine compression and encryption, which adds both suffixes to the
The following table displays the possible ways a file can be named:
|Default name||Enabled feature|
|audit.log||No compression or encryption|
Encryption ID format¶
The format for
pwd_id is the following:
- A UTC value in
YYYYMMDDThhmmssformat that represents when the password was created
- A sequence number that starts at
1and increases if passwords have the same timestamp value
The following are examples of pwd_id values:
20230417T082215-1 20230301T061400-1 20230301T061400-2
The following example is a list of the audit log filter files with the
audit_filter.log.20230417T082215-1.enc audit_filter.log.20230301T061400-1.enc audit_filter.log.20230301T061400-2.enc
The current password has the largest sequence number.
During initialization, the plugin checks if a file with that name exists. If it does, the plugin renames the file. The plugin writes to an empty file.
During termination, the plugin renames the file.