The audit log contains a record of all TOE administrative activities. The stored audit records in the audit trail are protected from unauthorized modifications and deletion. For more information about the audit log, see Using the Audit Log. Note that the detailed and brief log types do not depend on the CC mode.
Following are the events that are logged and examples of their corresponding audit log messages:
...
Event: Enable Common Criteria mode:
Message: 2011-10-19 19:48:37.299Z [admin]: Login_Allowed - - to=Serial\040Console apparently_via=Directauth=Local group=.admin-group
...
Event: Disable Common Criteria mode:
Message: 2011-10-19 19:48:37.299Z [admin]: Login_Allowed - - to=Serial\040Console apparently_via=Directauth=Local group=.admin-group
Message: 2011-10-19 19:48:48.705Z [admin]: Called - set_cc_mode: Args cc_mode_enabled="false"
...
Event: New password did not conform to the rule.
Message: 2011-10-19 13:07:33.343Z [user]: Password_Reset_Error - - to=AdminConnector auth=LOCALgroup=admin-group apparently_via=GUI
Quotas
Event: Upload file limit reached.
Message: user manojk-vm httpd[]: err User {0} tried to upload the file. File {1} with size 272629904 kBytes is greater than maximum size allowed. Maximum size is 102400 kBytes.
LDAP
Event: Establishment of session
Message: 2011-10-27T07:50:59-04:00 user epbyminw0065t2 python[]: notice Connection established:success
...
Event: Crypto Failure (Type and name of crypto algorithm that failed cannot be logged, since openldap uses SSL/TLS protocol functions from OpenSSL and did not use crypto functions directly.)
Message: 2011-10-27T07:51:00-04:00 user epbyminw0065t2 python[]: err SSL handshake failed.
Message: 2011-10-27T07:51:02-04:00 user epbyminw0065t2 python[]: err SSL handshake failed. Cannot verify server certificate.
GSS-TSIG
Event: Invalid size specified for algorithm HMAC-SHA256
Message: 2011-10-19T17:57:12-04:00 user EPBYMINW2856 httpd[]: err TSIG key generation failure: Size 512 can not be used with algorithm HMAC-SHA256
...
Event: Import error (TSIG algorithm is not allowed in Common Criteria mode)
Message: [2011/10/20 09:38:42.496] (24473 /usr/bin/python)/infoblox/common/lib/python/infoblox/one/csv_import_function.py:601 write_to_error_file(): Import Error:authzone,zone.com,FORWARD,,,,,,,False,False,False,,1.2.3.4/1.2.3.4/False/False/True/ext_sec_key/ut29ROLaJwty6a%2Fhsgg0wA==,infoblox.localdomain,False,,,,,,,,,,,,,2,,default,Authoritative-Line 2: Insertion aborted due to IBDataError?: IB.Data:TSIG algorithm used for TSIG key name 'ext_sec_key' is not allowed in CC mode.
...