If the audit trails you want to index are encrypted, complete the following steps to make the decryption keys available for the indexer.
To make the decryption keys available for the external indexer
-
Obtain the RSA private key and copy it to the external indexer's host.
-
Use the indexer-keys-json utility to transform the private key to the required JSON format. When executed, the script asks for the path to the private key, and the password of the private key. After the conversion, the password is removed.
The utility automatically adds the private key to the /etc/indexer/indexer-keys.cfg keystore file. If you want to use a different keystore file, use the --keystore argument to specify another file. If the keystore already includes the private key you want to add, it will be ignored.
-
In the /opt/external-indexer/usr/bin/ folder, issue the following command: indexer-keys-json
-
Provide the absolute path to the private key. Alternatively, you can include this information as a parameter: indexer-keys-json --private-key <path-to-private-key>
-
If the key is password protected, enter the password to the private key.
-
To add additional keys, re-run the indexer-keys-json command.
-
-
You can now start the indexer service. For more information, see Starting the external indexer.