• Run the validate-file-signature tool to check if a signed file has been tampered with.

    For this example, assume that the sign-log property was enabled for the File-Based Audit Log Publisher.

    $ bin/validate-file-signature --file logs/audit
    All signature information in file 'logs/audit' is valid

    If any validations errors occur, you will see a message similar to the one as follows.

    One or more signature validation errors were encountered 
    while validating the contents of file 'logs/audit':
    * The end of the input stream was encountered without 
      encountering the end of an active signature block.  
      The contents of this signed block cannot be trusted 
      because the signature cannot be verified