Contents of the PAM log file named Logs.bin
search cancel

Contents of the PAM log file named Logs.bin

book

Article ID: 190707

calendar_today

Updated On:

Products

CA Privileged Access Manager (PAM) CA Privileged Access Manager - Cloakware Password Authority (PA)

Issue/Introduction

What are the contents of the password-protected and encrypted PAM log file which is named Logs.bin as a default.
Does Logs.bin contain company any sensitive information?

Resolution

The Logs.bin (default name when generating this log is Logs.bin) file is a PAM password protected and an encrypted log file. This file contains sensitive customer information hence is password protected and encrypted by Broadcom.
 
Contents of Logs.bin are of two types, Linux system specific information and PAM application specific information.
 
1. Linux system specific information

The Linux system specific information consists of the /var/log folder and its contents, and includes mainly the information included in any Linux server for example hostname, subnet masks, IP Addresses, PIDs Process IDs) etc.

2. PAM application specific information

The PAM specific logs consists of MySQL logs, Tomcat Catalina logs and other specific logs which in turn contain related hostnames, user names, LDAP groups (if integrated with LDAP), target account names/internal IDs, target application names/internal IDs, database tables names (from the PAM database), etc. Basically, any information that can be managed by PAM except passwords in clear text.