search cancel

Contents of the PAM log file logs.bin

book

Article ID: 190707

calendar_today

Updated On:

Products

CA Privileged Access Manager (PAM)

Issue/Introduction

What is the content of the encrypted PAM log file named logs.bin.
What information is stored in it?
Does it contain company sensitive information?

Environment

Product: Layer 7 Privileged Access Manager.
Version: All 

Resolution

The logs.bin file is a PAM compacted encrypted log file which contents is divided into two main parts, linux system specific information and PAM application specific information.
  • The linux system specific information consists of the /var/log folder and its contents, and includes mainly the information included in any linux box, hostnames, subnet masks, IP Addresses, PIDs, etc.
  • The PAM specific logs consists of mysql logs, tomcat logs and other specific logs which may contain also hostnames, user names, LDAP groups (if integrated with LDAP), target account names and internal IDs, target application names and internal IDs, database tables names (from the PAM database), etc. Basically, any information that can be managed by PAM except passwords in clear text.