- SAP Managed Tags
More than once you need download the Ariba audit logs to make more analysis but you find that is not going to be easy because there is a key requested.
You find the help sap site explaning about it but it's no easy make all the described steps, here I will explain with details and step by step this process.
The steps to obtain the audit reports are the following:
- Download and install the Git program, only we need the Git Bash app but I recommend you install all by default (SAP recommends use Cygwin but Git works also). This program is neccesary to create the keys and decrypt the logs we need to export.
- Open the Git Bash program to create your private key and input the following command: openssl genrsa -out myPrivateKey.pem 2048.
- Now you need to create your public key typing this command: openssl rsa -in myPrivateKey.pem -pubout -out myPublicKey.pem.
- Open a file explorer window and find the folder in the path C:\Users\<<name of your user>> to check the 2 pem files were created.
or type ls -l *.pem in the Git Bash console to check the existance of the files
- Login to Ariba and access to Intelligent Configuration Manager to generate the audit report. Depending the solution you have the access is diferent this site explains how to access and generate in detail.
- Using your favorite text editor, open the myPublicKey.pem file and copy all the content.
- Paste the content in the Public key box, make sure there are no empty spaces at the beginning and end of the Pulbic key box.
- Click in Generate report buttom, if all was made right the report is being generated until complete status and with download link in action colum, otherwise review the previous steps and generate new public and private keys if is necessary.
- Click in download link, a new window appears and click in download icon now the report zip encrypted is in your download folder.
- This zip file must have 3 files contained in it:
- Key
- IV
- aes file
- Move this zip file to your user folder C:\Users\<<name of your user>> (were your pem files were created).
- Now you need decrypt the aes file using your private key file, IV file and Key file. For this you can use the code sample here from Help SAP site and continue to the step 16 or you can use my method that I will explain in the next step.
- Unzip the zip file in the same folder C:\Users\<<name of your user>> and don't delete the zip file.
- Using your favorite text editor paste this bash code:
#!/bin/bash
# Parameters
PRIVATEKEY="myPrivateKey.pem"
ZIPFILE="zip file you downloaded from Ariba Intelligent Configuration Manager"
ENCSUFFIX=".aes"
echo $ZIPFILE
# Decrypt the Key and IV
IV=$(openssl pkeyutl -decrypt -inkey myPrivateKey.pem -in IV)
KEY=$(openssl pkeyutl -decrypt -inkey myPrivateKey.pem -in Key)
# Look in the ZIP for files ending in .aes
# This is the convention used to identify encrypted files
FILELIST=$(unzip -Z1 "$ZIPFILE" | grep $ENCSUFFIX)
#echo $FILELIST
echo $KEY
echo $IV
# Decrypt the files that were found
# Remove the .aes extension from the saved file
for ENCFILE in $FILELIST
do
DECFILE=${ENCFILE%$ENCSUFFIX}
echo $DECFILE
echo $ENCFILE
echo "Decrypting File: $ENCFILE --> $DECFILE"
openssl enc -aes-256-cbc -d -K $KEY -iv $IV -in $FILELIST -out "$DECFILE"
done - Only modify the ZIPFILE parameter and add your zip file name like this.
- Save the file as decrypt.sh in your user folder C:\Users\<<name of your user>>, or use any name you want but make sure save it with .sh extension.
- Open again the Git Bash console and run the script: ./decrypt.sh
- If everything was right you notice the existence of new zip file with the same name as aes file.
- Open or unzip this zip file and finally you will be able to open the excel audit report.
Some considerations you may take are:
- It's no neccesary create the pem files everytime you need generate the report.
- Delete or overwrite the IV and Key file when you need decrypt the a new report.
And that's it, I hope it help you. 😉
This Article is complementary to SAP Help articles; Generating Audit Reports and Decrypting Audit Reports.
Bluesky