Encrypting and Decrypting logs

To encrypt logs

  1. Navigate to Core > Config > Add New > LogEncryption.
    Add the certificate for encryption.

  2. Save and apply the config to the devices.
    The client logs are encrypted with the given certificate.

Decrypting logs

To decrypt logs:

Prerequisite:

Ensure OpenSSL is installed.

Procedure
  1. Run the following command in terminal
    Openssl version LibreSSL 2.8.3
    openssl smime -decrypt -in logs-encrypted.pc7 -inform DER -inkey privatekey.p12 -recip c.crt -out decrypted_file.zip

  2. Enter pass phrase for privatekey.p12: <enter the password here to decrypt if any>

-decrypt: This option tells OpenSSL that you want to decrypt a file.

-in logs-encrypted.pc7: Specifies the input encrypted file.

-inform DER: Specifies the input format of the encrypted file (DER format).

-inkey privatekey.p12: Specifies the private key file to use for decryption.

-recip c.crt : Specifies the recipient's certificate file.

-out decrypted_file.zip: Specifies the output file where the decrypted content is available.