Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help 
slogverify(1)		  The slogverify manual	page		 slogverify(1)

NAME
       slogverify --- Verifies cryptographically secured logs.

SYNOPSIS
       slogverify [options] [arguments]

DESCRIPTION
       The slogverify utility is used to verify	the integrity of cryptographi-
       cally  secured  logs and	to decrypt log entries produced	in a syslog-ng
       OSE secure logging environment.

       Normal mode:
	   slogverify -k <host key file> -m  <input  MAC  file>	 <input	 file>
       <output file> [buffers]

       Iterative mode:
	   slogverify  -i -p <previous host key> -r <previous MAC> -m <current
       MAC> <input file> <output file> [buffers]

ARGUMENTS
	      	input file

	      An encrypted log file from the syslog-ng OSE secure logging  en-
	      vironment	that is	verified.

	      	output file

	      The  file	that contains the plain	text log entries after decryp-
	      tion and verification.

	      	buffers

	      Optional number of input buffers.	The number of buffers  can  be
	      used for performance adjustments in case the log file to be ver-
	      ified  is	 very  large  and cannot be processed at once. It is a
	      positive number of log entries that can be held in memory	during
	      verification. The	minimum	number if 10 and the maximum number is
	      4294967295. If this argument is not supplied the default of 1000
	      is used.

OPTIONS
       --iterative or -i
	   Iterative mode. This	is useful in case the log files	 are  periodi-
       cally  copied  from the system on which they where generated to central
       collector. As log rotation, i.e.	overwriting log	files in order to pre-
       serve space cannot be done in a secure logging environment, the	itera-
       tive  mode  can	be  used  instead. This	works as follows: If a certain
       storage limit is	reached	the log	file together with the	host  key  and
       the  MAC	file is	copied to new destination and the old file is deleted.
       The verification	is then	performed in iterations, i.e.  separately  for
       each file that was retrieved from the log host. For this	to work, it is
       important  to always retrieve the corresponding host key	and MAC	files.
       The process can be automated, for example by calling slogverify in  it-
       erative mode from a script.

       --key-file or -k
	   The initial host key	(k0). This option is used in normal mode only.

       --mac-file or -m
	   The current MAC file	used.

       --prev-key-file or -p
	   The	host  key  corresponding to the	previous log file. This	option
       can be used in iterative	mode only. In theory, this can be initial host
       key (k0)	but using this key might generate warnings, as the gap between
       the first log entry ever	(log entry 0) and the first log	entry  of  the
       current log file	might be large.

       --prev-mac-file or -r
	   The	MAC  file  from	the previous log file. This option can only be
       used in iterative mode.

       --help or -h
	   Display a help message.

FILES
       /Users/hofi/Develop/Balabit/syslog-ng/build/install/bin/slogverify

       /Users/hofi/Develop/Balabit/syslog-ng/build/install/etc/syslog-ng.conf

SEE ALSO
	      	The syslog-ng.conf manual page

	      	The secure-logging manual page

4.10.2			       18 December 2025			 slogverify(1)

Want to link to this manual page? Use this URL:
<https://man.freebsd.org/cgi/man.cgi?query=slogverify&sektion=1&manpath=FreeBSD+Ports+15.1.quarterly>

home | help