Events

All the events displayed in this document work in a similar manner. In case of a failure, the event will display the reason of said failure. This behavior is also valid for warning-status events.

BOOTSTRAP

Bootsrap events are related to the intial setup of the Stream platform.

BOOTSTRAP-ADMINISTRATOR
Deprecated. Used to represent all of the following events.

  • BOOTSTRAP-ADMINISTRATOR-ACCOUNT
    This event is triggered when installing Stream, it corresponds to the creation of the administrator local identity on Stream.

  • BOOTSTRAP-ADMINISTRATOR-PRINCIPAL
    This event is triggered when installing Stream, it corresponds to the creation of the principal for the administrator account, which is the link between the local account and its rights.

  • BOOTSTRAP-LOCAL-IDENTITY-PROVIDER
    This event is triggered when installing Stream, it corresponds to the creation of a Local identity provider so that the administrator can connect after the startup is over.

  • BOOTSTRAP-SYSTEM-CONFIGURATION
    This event is triggered when installing Stream, it corresponds to the creation of internal configuration elements such as the CRON internal monitor.

CA

CA events are directly related to Certificate Authorities

  • CA-CRL-GEN
    This event occurs when a user tries to manually ask for a CRL generation for a CA.

  • CA-CRL-UPLOAD
    This event occurs when Stream uploads the CRL for a Certificate Authority. The Cannot be verified? message is displayed when Stream can’t verify a CRL from one of the Certificate Authorities.

  • CA-CSR
    This event occurs when a user tries to generate a Certificate Signing Request for a CA, in case the CA is to be signed by an external CA.

  • CA-ISSUE
    This event occurs when Stream tries to issue a CA.

A user with the right permissions that goes to "Create a new CA" and creates a new Certificate Authority will see both CA-CSR and CA-ISSUE events.

  • CA-MIGRATE
    This event is triggered when a user tries to retarget an external CA as managed CA.
    This can be accomplished by clicking on the "Retarget as managed CA" button on an external CA where a CRL is uploaded.

  • CA-REVOKE
    This event is triggered when a user tries to revoke a managed CA.

CONF

CONF EVENTS are triggered when users interact with configuration elements. This applies to any of the configuration elements in the product (certificate templates, triggers, keystores, Certification Authorities, NTPs…​).

  • CONF-ADD
    This event is triggered when a user tries to add a configuration element.

  • CONF-DELETE
    This event is triggered when a user tries to delete a configuration element.

  • CONF-UPDATE
    This event occurs when a user tries to modify a configuration element.

CRL

CRL-EXTERNAL-STORAGE
Deprecated. This event used to occur when trying to store a CRL into an external CRL in Stream.

  • CRL-GEN
    This event is triggered when a managed CA tries to generate a CRL based on the configured CRL generation rules (e.g. one of the cron quartz expression defined for CRL generation was matched).

  • CRL-GET
    This event occurs when Stream tries to retrieve a CRL from a specified URL for an external CA.

  • CRL-UPLOAD
    This event occurs when Stream tries to upload a CA’s CRL into an external storage.

INTERNAL-MONITOR

  • INTERNAL-MONITOR-INIT
    This event is triggered when the CRON internal monitor does not start properly.

  • INTERNAL-MONITOR-RUN
    This event occurs when the CRON internal monitor is triggered.

INVALID-SEAL

  • INVALID-SEAL-PENDING-EVENT
    This event is triggered when a pending event has an improper signature that does not match its content.

This event indicates data tampering.

LICENSE

  • LICENSE-EXPIRED
    This event is triggered when the Stream license has expired.

  • LICENSE-INVALID
    This event is triggered when the imported Stream license is invalid.

  • LICENSE-MODULE-NOT-ENTITLED
    This event is triggered when a user tries to access a module that is not available with the currently installed license.

LIFECYCLE

Lifecycle events are related to end-entity certificates (Certificates tab).

  • LIFECYCLE-ENROLL

This event is triggered when a user tries to enroll an end-entity certificate. The event specifies the Distinguished Name of the enrolled certificate, its serial number as well as the Certificate Authority that enrolled said certificate in case of success. In case of failure, the reason of the failure is specified (e.g.: "Unauthorized DN element").

  • LIFECYCLE-REVOKE

This event occurs when a user tries to revoke an end-entity certificate.
Note that no event is triggered when a certificate expires.

OCSP

OCSP events are related to the Revocation management tab.

  • OSCP-CSR
    This event is triggered when a user tries to generate a CSR for an OCSP signer.

SEC

Security events (SEC) relate to the security aspect of the Stream platform, whether it targets the management of roles, identity, credentials and so on.

ACCOUNT

The ACCOUNT events are all deprecated and should not be triggered using Stream 2.0.0 or higher versions. For account-related events, look into LOCAL-IDENTITY and IDENTITY events.

  • SEC-ACCOUNT-ADD
    This event is triggered when a user tries to create a local account on older Stream versions (prior to 2.0.0)

  • SEC-ACCOUNT-DELETE
    This event is triggered when a user tries to delete a local account on older Stream versions. (prior to 2.0.0)

  • SEC-ACCOUNT-UPDATE
    This event is triggered when a user tries to update a local account on older Stream versions. (prior to 2.0.0)

AUTHENTICATION

  • SEC-AUTHENTICATION
    This event is triggered when a user tries to connect. The local or OpenID identifier is specified whether it is a failure or a success.

AUTHORIZATION

These events relate to the Security > Authorizations tab.

  • SEC-AUTHORIZATION-ADD
    This event is triggered when a user tries to create an authorization.

  • SEC-AUTHORIZATION-DELETE
    This event is triggered when a user tries to delete an authorization.

  • SEC-AUTHORIZATION-UPDATE
    This event is triggered when a user tries to modify elements inside an authorization (e.g. adding/removing permissions to/from a user). The event specifies the modified fields.
    Note that "lastModifications" is not modified by the user, it implies that the last modification date and time has been updated.

CREDENTIAL

These events relate to the Security > Credentials tab.

  • SEC-CREDENTIAL-ADD
    This event occurs when a user tries to create a new credential.

  • SEC-CREDENTIAL-DELETE
    This event occurs when a user tries to delete an existing credential.

  • SEC-CREDENTIAL-UPDATE
    This event occurs when a user tries to modify an existing credential.

IDENTITY

These events relate to the Security > Identity tab.

  • SEC-IDENTITY-PROVIDER-ADD
    This event occurs when a user tries to create a new identity provider profile.

  • SEC-IDENTITY-PROVIDER-DELETE
    This event occurs when a user tries to delete an existing identity provider profile.

  • SEC-IDENTITY-PROVIDER-UPDATE
    This event occurs when a user tries to modify an existing identity provider profile. The event specifies the modified fields.

LOCAL-IDENTITY

These events relate to the Security > Local accounts tab.

  • SEC-LOCAL-IDENTITY-ADD
    This event is triggered when a user tries to create a new local account.

  • SEC-LOCAL-IDENTITY-DELETE
    This event is triggered when a user tries to delete an existing local account.

  • SEC-LOCAL-IDENTITY-RESET
    This event is triggered when a user tries to reset an existing local account’s password.

  • SEC-LOCAL-IDENTITY-UPDATE
    This event is triggered when a user tries to modify an existing local account. The modified fields are specified.

ROLE

These events relate to the Security>Roles tab.

  • SEC-ROLE-ADD
    This event is triggered when a user tries to create a new role.

  • SEC-ROLE-DELETE
    This event is triggered when a user tries to delete an existing role.

  • SEC-ROLE-UPDATE
    This event is triggered when a user tries to modify an existing role. The modified fields are specified in the event.

SERVICE

  • SERVICE-START
    This event is triggered when the Stream service is started.

  • SERVICE-STOP
    This event is triggered when the Stream service is correctly stopped.

TRIGGER

The trigger events are directly related to the Notification tab, hence being about e-mail and REST notifications.

  • TRIGGER-RUN
    This event occurs when Stream tries to send a notification based on a defined trigger rule.

TSA

TSA events are related to the Timestamping tab.

  • TSA-CSR
    This event occurs when a user tries to Generate a CSR for a Timestamping signer.

UNSEALED

  • UNSEALED-PENDING-EVENT
    This event is triggered when an event in the pending events collection (in the database) has not been signed.