Transactions Log Viewer
The ADSS SCVP Service keep record of every request and corresponding response made to the service in the transactions log for auditing purpose. Each item in the image is described below:
| Items | Description |
| Clear Search | After a Search this window will only show the filtered records. The Clear Search button is used to view the full set of records. |
| Search | This opens a new window where search criteria can be entered based on each column of the transaction grid. |
| Customise Columns | This opens a new window to configure which column need to be shown in the grid and which column need to be hidden. |
| |< < > >| | These buttons are for navigating the different pages of the transaction log. Note the number of records shown per page is configurable from within Global Settings. |
| Export Logs | Exports the transactions logs into a zipped CSV file in human readable format. |
| Verify Integrity | Verifies the integrity of the SCVP service transaction log records. It detects tampered and deleted records and generates a report that can be exported to a physical drive. When exporting HMAC verification reports, it is recommended to save the file with “.html” extension so that the report can be viewed in an internet browser. |
| Show Archived |
This opens a new window where you can import and view previously archived file i.e. archived/exported transactions log. |
| Log ID |
A unique serial number for the log record, it is system-defined and not part of the request/response messages. |
| Response Status |
This shows whether a “success” or “failure” was returned in response. |
| Request Time |
Records the date/time when the request was received. |
| Response Time |
Records the date/time when the response was sent. |
| Request/Response |
Provides a link to view the request/response messages. |
| TLS Cert |
Clicking on “View” link under this column displays the TLS client authentication certificate. The “View” link is only present when TLS client authentication was used to send requests to the SCVP service. |
| Signing Cert |
Clicking on “View” link under this column displays the request signing certificate. The “View” link is only present when a signed request was sent to the SCVP service. |
| IP Address |
Records IP of the requestor’s machine. |
| Error Code |
Hover your mouse over the View link to show the error message e.g. trust building failed, SCVP Service Disabled etc. |
| Item |
Description |
| Import archived transaction file |
Use this option to browse the archived log file in zip
format from the operator machine. By using this option the archived log
file is uploaded on the ADSS Server. It can be an expensive operation if
the file is of large size so the operator is allowed to upload a file
with maximum size up to 25 MB. Use the archived file path option for
files bigger than 25 MB. |
| Archived transaction file path |
Use this option if the file size is greater than 25 MB.
This option does not upload the archived file to the server. Rather the
server reads the file from given file path before importing which is
faster than the above option. You can either specify the local file
system path or a network path. Note: Do specify the archived log file name in the file path. |
The archived files were created in the csv format till ADSS Server v4.7.5 but from v4.7.6 and onward the archived files are zipped to save the disk space when archiving. If you are importing the archived files created using a pre-v4.7.6 deployment to ADSS Server v4.7.6 or later then first zip them before importing otherwise ADSS Server will not recognise them as correct archived files.
As explained above, clicking on the Search button on SCVP Transactions Log Viewer displays following screen:
This helps to locate a particular transaction the SCVP service may have performed within a particular time frame or to a particular client (i.e. using the IP address and/or TLS certificate). If a search is based on multiple values, then these will be combined together using the AND operator, and thus only records that meet all the criteria will be presented.
If "_" character is used in the search then it will act as wildcard.
By default few columns are in the "Selected Columns" list. In order to hide a column move the required column to "Available Columns" list
Each log record within the database is protected with an HMAC check-sum to detect any intentional or accidental modification of records. Clicking the Verify Integrity button checks the log integrity and generates a report as shown below:
Click on the Export Logs button to export the request/response to a network file.
Clicking the Fix HMAC Errors button will re-calculate the HMAC for tempered transaction logs records for this module.
Note: This option will not detect the unauthorized deleted records but it will only fix the unauthorized modifications and/or ambiguous records for which HMAC value is not present/incorrect.
The Verify Integrity feature is available for the transactions log of all services within ADSS Server.
As explained above, clicking on the link for Log ID displays details for the selected SCVP transaction as shown below:
By clicking any of the configuration ID, following dialog will appear with Transaction State and Current State column:
Configuration ID works as follows:
- On validation policy update operation, the pre-state of the validation policy is stored with a unique identifier in the validation policy history table. A new unique identifier is created for each update operation. The unique Id representing the latest state stored along the validation policy information in validation policy table. On validation policy create operation the default value is “1” and is used for validation policy’s current state.
- In transaction log viewer a link is shown to launch the validation policy configuration used to process the particular request. When user clicks on this link, a database query made to validation policy history table and the validation policy state is shown in a generic viewer with Transaction State and Current State.
- Transaction State column contains the values against a specific field at the time of performing a transaction
- Current State column shows the current settings for the validation policy used in a transaction in the past.
- If any of the field settings are changed in between the Transaction State and Current State, it is highlighted to let the user know that this field’s state has been changed since the transaction was made.
Click on the Response tag to view the relevant SCVP response.
Click on the Export Request/Export Response button to export the SCVP request/response on the physical drive.