This chapter provides information on the VerifyArchive command line tool.
The purpose of VerifyArchive is to verify the log archives. A log archive is a set of timestamped logs and their corresponding key stores (key stores contain the keys used to generate the MACs and the digital signatures that are used to detect tampering with the log files). Verification of an archive detects possible tampering with, or deletion of, any file in the archive.
VerifyArchive extracts all of the archive sets, and all files belonging to each archive set, for a given logName. When executed, VerifyArchive searches each log record for tampering. If tampering is detected, it prints a message specifying which file and the number of the record that has been tampered with.
VerifyArchive also checks for any files that have been deleted from the archive set. If a deleted file is detected, it prints a message explaining that verification has failed. If no tampering or deleted files are detected, it returns a message explaining that the archive verification has been successfully completed.
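A conceptual model of the two checks described above (per-record tampering and deleted files), as an added Python example. It is not Access Manager code: the record layout, the HMAC-SHA256 construction, the manifest, the function names and the sample records are all assumptions made for illustration.

```python
import hashlib
import hmac

def _mac(key, *parts):
    # Length-prefix each part so ("ab", "c") and ("a", "bc") cannot collide.
    msg = b"".join(len(p.encode()).to_bytes(4, "big") + p.encode() for p in parts)
    return hmac.new(key, msg, hashlib.sha256).hexdigest()

def seal(key, files):
    """Build an archive set: every record gets a MAC bound to its file name
    and record number; a manifest MAC covers the list of file names."""
    sealed = {name: [(rec, _mac(key, name, str(i), rec))
                     for i, rec in enumerate(recs, 1)]
              for name, recs in files.items()}
    manifest = sorted(files)
    return sealed, manifest, _mac(key, *manifest)

def verify(key, sealed, manifest, manifest_mac):
    """Return a list of findings; an empty list means verification succeeded."""
    if not hmac.compare_digest(_mac(key, *manifest), manifest_mac):
        return ["manifest MAC mismatch: file list cannot be trusted"]
    findings = []
    for name in manifest:
        if name not in sealed:
            findings.append(f"{name}: file deleted from archive set")
            continue
        for i, (rec, tag) in enumerate(sealed[name], 1):
            if not hmac.compare_digest(_mac(key, name, str(i), rec), tag):
                findings.append(f"{name}: record {i} tampered")
    return findings

def demo():
    key = b"constructed-demo-key"  # stands in for a key held in the key store
    logs = {  # constructed sample records
        "amConsole.access": ["login user=alice", "view policy=p1"],
        "amConsole.error": ["session timeout id=7"],
    }
    sealed, manifest, mmac = seal(key, logs)
    clean = verify(key, sealed, manifest, mmac)
    # Simulate an edited record and a removed file.
    _, tag = sealed["amConsole.access"][1]
    sealed["amConsole.access"][1] = ("view policy=p2", tag)
    del sealed["amConsole.error"]
    return clean, verify(key, sealed, manifest, mmac)

if __name__ == "__main__":
    print(demo())
```

This model does not notice records truncated from the end of a file; storing a record count per file in the MAC-protected manifest would close that gap.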
An error may occur if you run amverifyarchive as a user without administrator privileges.
All of the parameter options are required. The syntax is as follows:
amverifyarchive -l logName -p path -u uname -w password
logName refers to the name of the log which is to be verified (such as amConsole, amAuthentication and so forth). VerifyArchive verifies both the access and error logs for the given logName. For example, if amConsole is specified, the verifier verifies the amConsole.access and amConsole.error files. Alternatively, the logName can be specified as amConsole.access or amConsole.error to restrict the verification to that log only.
path is the full directory path where the log files are stored.
uname is the user id of the Access Manager administrator.
password is the password of the Access Manager administrator.