In certain circumstances it may be necessary to gather diagnostic information and logs from Cryptographic Security Platform Vault that can be sent to Entrust support for further analysis. The following procedure describes how to create a log bundle using the Cryptographic Security Platform Compliance Manager System Console on one of the nodes in the cluster. To create the bundle using the Cryptographic Security Platform Compliance Manager webGUI, see Creating a Support Bundle for the Compliance Manager webGUI.

  1. Use your hypervisor to access one of the VMs in which Cryptographic Security Platform Compliance Manager is running, then log into the Cryptographic Security Platform Compliance Manager VM console as htadmin. The Cryptographic Security Platform Compliance Manager displays the Cryptographic Security Platform Compliance Manager System Console TUI (Text-based User Interface).
  2. Select Gather Diagnostic Logs.

  3. In the Create Log Options page, use the arrow keys to move to an option you want to change and then use the spacebar to toggle whether that option is selected. When you are done, press Enter. The options are:

    Option

    Description

    Include Audit Log?

    If selected, Cryptographic Security Platform Compliance Manager includes the full audit log in the bundle. This option is selected by default.

    Include Log Bundle from ALL Cryptographic Security Platform Compliance Manager Nodes?

    If selected, Cryptographic Security Platform Compliance Manager includes the log bundle from every node in the cluster. Otherwise Cryptographic Security Platform Compliance Manager only includes the log bundle from the current node.

    Include Core Files?

    If selected, Cryptographic Security Platform Compliance Manager includes core files in the bundle.

    Use a Passphrase to Encrypt the Bundle?

    If selected, Cryptographic Security Platform Compliance Manager encrypts the bundle with an AES 256-bit key using the provided passphrase.

    Cryptographic Security Platform Compliance Manager will prompt you for the passphrase as soon as you press Enter.

    When you press Enter, Cryptographic Security Platform Compliance Manager creates the bundle using the options you selected.

  4. When you see the prompt that says the log bundle was successfully created, press Enter.

    If the Cryptographic Security Platform Compliance Manager webGUI is not available, please use the restricted shell to download the support bundle. For more information, see Using the Restricted Shell.

    You can also download the log bundle from the Cryptographic Security Platform Compliance Manager webGUI by selecting Settings > Support > Download Logs.

Note: If you want to decrypt the log bundle, navigate to the directory where the bundle is located and type the following command: 

gpg -d -o <output-file-name> <input-file-name>

Where <output-file-name> is the name you want to use for the decrypted log bundle and <input-file-name> is the name of the encrypted log bundle that you want to decrypt.