Page created: 4 Feb 2020
|
Page updated: 22 Jul 2020
| 1 min read
Product PingDirectory 8.1 Directory Capability Product documentation Content Type Administration User task IT Administrator Administrator Audience Software Deployment Method Configuration PingDirectoryProxy System Administrator
-
Use dsconfig to enable encryption for a Log Publisher. In
this example, the File-based Access Log Publisher "Encrypted Access" is created,
compression is set, and rotation and retention policies are set.
$ bin/dsconfig create-log-publisher-prop --publisher-name "Encrypted Access" \ --type file-based-access \ --set enabled:true \ --set compression-mechanism:gzip \ --set encryption-settings-definition-id:332C846EF0DCD1D5187C1592E4C74CAD33FC1E5FC20B726CD301CDD2B3FFBC2B \ --set encrypt-log:true \ --set log-file:logs/encrypted-access \ --set "rotation-policy:24 Hours Time Limit Rotation Policy" \ --set "rotation-policy:Size Limit Rotation Policy" \ --set "retention-policy:File Count Retention Policy" \ --set "retention-policy:Free Disk Space Retention Policy" \ --set "retention-policy:Size Limit Retention Policy"
-
To decrypt and decompress the file:
$ bin/encrypt-file --decrypt \ --decompress-input \ --input-file logs/encrypted-access.20180216040332Z.gz.encrypted \ --output-file decrypted-access Initializing the server's encryption framework...Done Writing decrypted data to file '/ds/PingDirectoryProxy/decrypted-access' using a key generated from encryption settings definition '332c846ef0dcd1d5187c1592e4c74cad33fc1e5fc20b726cd301cdd2b3ffbc2b' Successfully wrote 123,456,789 bytes of decrypted data