GLOBAL MAP DATA DICTIONARY #6.666 -- KERNEL PKI LOGS FILE 6/27/25 PAGE 1
STORED IN ^XULOGS(6.666, *** NO DATA STORED YET *** SITE: WWW.BMIRWIN.COM UCI: VISTA,VISTA (VERSION 8.0)
-----------------------------------------------------------------------------------------------------------------------------------
The KERNEL PKI LOGS file is meant to be used by the Kernel team to log which SAML TOKENS would fail PKI digital signature
validation. This file has been released in patch XU*8*810.
At minimum a log entry MUST contain a DATE/TIME CREATED and a SAML TOKEN. Please note that to preserve the byte by byte integrity
of the SAML TOKEN the SAML TOKEN has been saved in base64 format.
The USER'S SECID, FIRST NAME and LAST NAME fields are extracted from the given SAML TOKEN; therefore it is possible that this data
is forged, inaccurate or simply not provided. The main takeaway is that we understand who the user said they were using SECID so
that we can later compare that to IAM.
The ERROR MESSAGE FROM API and ERROR MESSAGE FROM RSA fields are meant to store messages reported by the InterSystems APIs. The
OTHER MESSAGE field is meant to store other messages that maybe relevant to help triage why the SAML TOKEN failed PKI digital
signature validation.
CROSS
REFERENCED BY: DATE/TIME CREATED(B)
^XULOGS(6.666,D0,0)= (#.01) DATE/TIME CREATED [1F] ^ ^ (#10) USER'S SECID [3F] ^ (#11) USER'S FIRST NAME [4F] ^
^XULOGS(6.666,D0,1)= (#12) USER'S LAST NAME [1F] ^
^XULOGS(6.666,D0,2,0)=^6.676^^ (#20) SAML TOKEN
^XULOGS(6.666,D0,3)= (#21) ERROR MESSAGE FROM API [1F] ^
^XULOGS(6.666,D0,4)= (#22) ERROR MESSAGE FROM RSA [1F] ^
^XULOGS(6.666,D0,5)= (#30) RPC BROKER CONTEXT [1P:19] ^ (#31) CLIENT IP ADDRESS [2F] ^ (#32) SERVER IP ADDRESS [3F] ^ (#33) LOGIN
==>METHOD [4S] ^ (#34) SAML TOKEN REUSE COUNT [5N] ^
^XULOGS(6.666,D0,7)= (#20.5) SAML TOKEN HASH [1F] ^
^XULOGS(6.666,D0,8)= (#23) OTHER MESSAGE [1F] ^
INPUT TEMPLATE(S):
PRINT TEMPLATE(S):
SORT TEMPLATE(S):
FORM(S)/BLOCK(S):