For best results, file signatures should be validated by the same instance used to generate the file. However, it may be possible to validate signatures generated on other instances in a replicated topology.
For best results, file signatures should be validated by the same instance used to generate the file. However, it may be possible to validate signatures generated on other instances in a replicated topology.
validate-file-signature --file logs/access
validate-file-signature --file logs/access --validateLogChain \
--logDuration "2 days" --ignoreMissingEndOfSignature
-V
--version
| Description | Display Metrics Engine version information |
-H
--help
| Description | Display general usage information |
--help-debug
| Description | Display help for using debug options |
| Advanced | Yes |
-f {path}
--file {path}
| Description | The file for which to verify the signature |
| Required | Yes |
| Multi-Valued | No |
-c
--isCompressed
| Description | Indicates that the target file is gzip-compressed |
-C
--validateLogChain
| Description | Attempts to validate signature information across a chain of log files. If this option is used, the tool will start with the file referenced using the "--file" argument and will work backwards through older log files |
-n {num}
--numFiles {num}
| Description | The number of files to process when examining a chain of log files. If specified, the value must be greater than or equal to one. If not specified, then there will be no limit on the number of files to examine |
| Upper Bound | 2147483647 |
| Required | No |
| Multi-Valued | No |
-d {duration}
--logDuration {duration}
| Description | The minimum length of time to cover when examining a chain of log files. If specified, the value should be a duration that consists of an integer and a time unit (which may be one of 'milliseconds', 'seconds', 'minutes', 'hours', or 'days') |
| Required | No |
| Multi-Valued | No |
-M
--ignoreMultipleSignedBlocks
| Description | Indicates that the tool should not consider it an error for log files to contain multiple signed blocks (which may occur if the server or log publisher was shut down and restarted), or for a log file to not have been created after being rotated from another log file (if the logger is configured to start a new file when being initialized, or if it is the first log file that was created). It is not possible for the tool to guarantee that no data was removed between disjoint signed blocks, although it may be possible to gain some degree of confidence by comparing timestamps with known shutdown and startup times |
-m
--ignoreMissingEndOfSignature
| Description | Ignore an error caused by the specified file missing the 'END SIGNED CONTENT' marker at the end of the file. This may occur if the tool is being run against a log file that is still open for writing, but it is not possible to guarantee that no content has been removed from the end of the file. When validating a log chain, this option will only apply to the first file that is processed, and all older files will be expected to have the end marker |
-F
--ignoreMissingFile
| Description | Ignore an error caused by a log file that references another file that does not exist in the same directory as the file that references it. This may occur if the referenced file has already been removed by a retention policy, but it is not possible to guarantee that the file has not been removed for some other reason |