kms category

This log category contains all operations related to the Key Management System (KMS).

The connect action means that a connection is established with a KMS. It generates an "info" severity log, or "warning" or “critical” severity log in the event of an error.

Field

Description

 Type

Mandatory/Optional

port

KMS port

 Integer Mandatory

host

Machine hosting the KMS.

 String Mandatory

protocol

Information about the protocol used to connect to the KMS:

  • type: “rest_api” or “kmip”

  • kmip: (optional) information on the connection if KMIP

    - version: version of the KMIP used

    - supported_versions: version list

  • authentication:

    - ca: path to the certification authority file

    - cert: path to the certificate file

    - key: path to the private key file

 json object Mandatory

kms_version

KMS version.

 String Optional

The disconnect action means that the connection to the KMS has been closed. It generates an "info" severity log, or "warning" in the event of an error.

Field

Description

 Type

Mandatory/Optional

host

Machine hosting the KMS.

 String Mandatory

The operation action means that an operation has been performed with the KMS. It generates an "info" severity log, or "warning" or “critical” severity log in the event of an error.

Field

Description

 Type

Mandatory/Optional

operation_name

 Type of operation performed on the KMS (possible value: extract_keys, sign, decrypt). String Mandatory

host

Machine hosting the KMS.

 String Mandatory

key_labels

 List of labels used to extract keys from the KMS. List of strings Optional

tenant_id

Tenant identifier.

Example: 025f02fe-bee2-444b-bf76-b5ead30327c0

 String in uuid v4 format Optional