The name of the service that triggers the log. See below for the supported values.
attila
The attila (Key Management) service logs the following operations.
Operation | Description |
|---|---|
EraseKey | Erase a key pair |
GenKey | Generate a key pair of the specified type |
Health | Health check |
Sign | Sign a hash with the specified key |
attila-proxy
The attila-proxy (HSM Proxy) service logs the following operations.
Operation | Description |
|---|---|
GenKey | Generate a key pair of the specified type |
Healthcheck | Check if all configured attilas are alive |
Sign | Sign a hash with the specified key |
auth
The auth (authentication) service logs the following operations.
Operation | Description |
|---|---|
CreateAuth | Create a new PKI Hub user auth entry |
DeleteAuth | Delete auth entry |
DeleteProgress | Delete an in-progress row |
GetAuth | Get auth entry by name |
ca
The ca (Certificate Authority) service logs the following operations.
Operation | Description |
|---|---|
CreateCA | Create a root, subordinate, or external CA |
CreateCertificate | Issue a certificate or precertificate (RFC 6962) |
CreateCertProfile | Create a certificate profile |
CreateCMCResponse | Create a CMC response |
CreateDomainList | Create a domain list |
DeleteCA | Delete an existing CA |
DeleteDomainList | Delete a domain list |
GenerateCRL | Generate a CRL for the specified CA |
GetCA | Get information about a CA |
GetCertificate | Get information about a certificate |
GetCertProfile | Get a certificate profile |
GetDomainList | Get a domain list |
ImportSubordinateCertificate | Import subordinate CA certificate signed by external root |
ImportVACertificate | Import a VA certificate issued by an external CA |
ListCAEvents | List certificate events for a CA (LIFO order) |
ListCAs | List the CAs of a user or organization (LIFO order) |
ListCertificates | List certificates issued by a CA (LIFO order) |
ListCertProfiles | List available certificate profiles |
ListDomains | List domain lists |
LookupEEByDN | Look up end-entity certificates by Subject DN |
RenewVA | Renew the VA (OCSP Responder) certificate and keys |
RevokeCertificate | Revoke an active certificate |
SuspendCertificate | Suspend (hold) an active certificate |
UnsuspendCertificate | Remove a certificate from hold |
UpdateCABackdate | Update the backdate configuration of a CA |
UpdateCADomainList | Associate a domain list with a CA |
UpdateCAFriendlyName | Update the friendly name of a CA |
UpdateCAProfiles | Update the certificate profiles of a CA |
UpdateCAProfilesList | Update CA profiles list (new format) |
UpdateDomainList | Update a domain list |
UpdateVA | Update the VA configuration |
crl-responder
The crl-responder (CRL responder) service logs the following operations.
Operation | Description |
|---|---|
GetLastCRL | Download the latest CRL of a CA |
es
The es (Entitlement) service logs the following operations.
Operation | Description |
|---|---|
CreatePackage | Create a new package in PKI Hub |
GetUsage | Get request usage per package |
Healthcheck | Healthcheck from ES to PKI Hub |
UpdateMeteringInfo | Update quota information for an account |
onboard
The onboard (user and organization provisioning) service logs the following operations.
Operation | Description |
|---|---|
CreateUser | Create a new PKI Hub user |
DeleteUser | Delete a user |
GetIDPData | Get IdP info of the user |
GetPartition | Get a partition |
GetUser | Get User ID of the JWT Subject ID |
UpdateIdPMetaData | Update the user's IdP metadata |
org
The org (Organization Management) service logs the following operations.
Operation | Description |
|---|---|
CreateOrganization | Create a new PKI Hub organization |
DeleteOrganization | Delete an organization |
persist
The persist (database layer) service logs the following operations.
Operation | Description |
|---|---|
Op | Execute an operation against the database |
pkihub-bff
The pkihub-bff (Web UI) service logs the following operations.
Operation | Description |
|---|---|
Callback | OAuth2/OIDC callback |
DeploymentConfig | Get deployment configuration |
Login | Initiate login flow |
Logout | Logout |
Me | Get current user info |
Refresh | Refresh authentication token |
Status | Get system status |
tenancy
The tenancy (tenancy and access management) service logs the following operations.
Operation | Description |
|---|---|
AddTeaminTeam | Add a team to another team |
AddTeamToRole | Add a team to a role |
AddUserTeam | Add a user to a team |
CreateTeam | Create a team in a partition |
DeleteTeam | Delete a team |
DeleteTeamFromRole | Remove a team from a role |
DeleteTeamInTeam | Remove a team from another team |
DeleteUserTeam | Remove a user from a team |
GetAccountAccess | Get currently granted permissions for the JWT holder |
GetMeteringInfo | Get metering information |
GetRole | Get a role (CA or rawsigner token) |
GetTeam | Get information about a team |
GetUserInfo | Get user information |
ListRoles | List available roles of a CA or rawsigner token |
ListTeams | List teams in a partition |
UpdateMeteringInfo | Update metering information |
UpdateTeamDescription | Update team description |