Dell PowerVault TL4000 Dell PowerVault ML6000 Encryption Key Manager User's - Page 98

Querying the Metadata XML File, Recovering from a Corrupted Metadata File

Get Dell PowerVault TL4000 PDF manuals and user guides View all Dell PowerVault TL4000 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 98 highlights

cert1 - keyAlias2 Tue Feb 20 09:18:07 CST 2007 - creation date | Note: For LTO 4 and LTO 5 drives there will only be record and DKi will be recorded. Querying the Metadata XML File Use the EKMDataParser tool to query the metadata file. This tool parses the XML file using Document Object Model (DOM) techniques and cannot be run from the Encryption Key Manager command line interface. It is invoked as follows: java com.ibm.keymanager.tools.EKMDataParser -filename full_path_to_metadata_file {-volser volser | -keyalias alias} metadata_path This is the same directory path specified for the metadata file in Audit.metadata.file.name in the KeyManagerConfig.properties file. -filename filename is required and must be the name of the XML metadata file. This will usually match the name specified in the Audit.metadata.file.name property in the KeyManagerConfig.properties file. -volser The volume serial number of the tape cartridge you are searching for in the XML file. Either -volser or -keyalias must be specified. -keyalias The key label or alias you are searching for in the XML file. Either -volser or -keyalias must be specified. Example Assuming that the metadata filename property (Audit.metadata.file.name) in KeyManagerConfig.properties is set to a value of metadata and the file is located in your local directory where the Encryption Key Manager runs, the following command would filter (display) only the XML records related to volser 72448: /bin/java com.ibm.keymanager.tools.EKMDataParser -filename metadata -volser 72448 The output would be formatted as follows: Table 8-1. Metadata Query Output Format keyalias1 keyalias2 volSer cert1 cert2 72448 dateTime Wed Mar 14 10:31:32 CDT 2007 driveSSN dki FVTDRIVE0004 Recovering from a Corrupted Metadata File The Encryption Key Manager metadata file can become corrupted if the Encryption Key Manager is improperly shutdown or the system where the Encryption Key Manager is running crashes. Improper editing or modification of the metadata file can also corrupt it. The corruption will go unnoticed until the EKMDataParser parses the metadata file. The EKMDataParser may fail with an error similar to the following: 8-2 Dell Encryption Key Mgr User's Guide

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
<keyAlias1>cert1</keyAlias1>
- keyAlias2
<dateTime>Tue Feb 20 09:18:07 CST 2007</dateTime>
- creation date
</KeyUsageEvent>
Note: For LTO 4 and LTO 5 drives there will only be <keyAlias1></keyAlias1>
record and DKi will be recorded.
Querying the Metadata XML File
Use the EKMDataParser tool to query the metadata file. This tool parses the XML
file using Document Object Model (DOM) techniques and cannot be run from the
Encryption Key Manager command line interface. It is invoked as follows:
java com.ibm.keymanager.tools.EKMDataParser -filename
full_path_to_metadata_file
{
-volser
volser
|
-keyalias
alias
}
metadata_path
This is the same directory path specified for the metadata file in
Audit.metadata.file.name in the
KeyManagerConfig.properties
file.
-filename
filename
is required and must be the name of the XML metadata file. This will
usually match the name specified in the Audit.metadata.file.name property in
the
KeyManagerConfig.properties
file.
-volser
The volume serial number of the tape cartridge you are searching for in the
XML file. Either
-volser
or
-keyalias
must be specified.
-keyalias
The key label or alias you are searching for in the XML file. Either
-volser
or
-keyalias
must be specified.
Example
Assuming that the metadata filename property (Audit.metadata.file.name) in
KeyManagerConfig.properties
is set to a value of
metadata
and the file is located
in your local directory where the Encryption Key Manager runs, the following
command would filter (display) only the XML records related to volser
72448
:
<jvm_path>/bin/java com.ibm.keymanager.tools.EKMDataParser -filename metadata -volser 72448
The output would be formatted as follows:
Table 8-1. Metadata Query Output Format
keyalias1
keyalias2
volSer
dateTime
driveSSN
dki
cert1
cert2
72448
Wed Mar 14 10:31:32 CDT 2007
FVTDRIVE0004
Recovering from a Corrupted Metadata File
The Encryption Key Manager metadata file can become corrupted if the Encryption
Key Manager is improperly shutdown or the system where the Encryption Key
Manager is running crashes. Improper editing or modification of the metadata file
can also corrupt it. The corruption will go unnoticed until the EKMDataParser
parses the metadata file. The EKMDataParser may fail with an error similar to the
following:
8-2
Dell Encryption Key Mgr User's Guide
|