Obtaining Logs

Central platform

The KeySafe 5 application is configured to log to stdout. This means you can view logs by running standard kubectl commands.

To get the KeySafe 5 backend services logs run kubectl get pods

By default, the KeySafe 5 backend Helm chart will create multiple replicas of each service. The below example commands only retrieves the logs from the first replica of each service.
kubectl -n nshieldkeysafe5 logs nshield-keysafe5-0 codesafe-mgmt
kubectl -n nshieldkeysafe5 logs nshield-keysafe5-0 hsm-mgmt
kubectl -n nshieldkeysafe5 logs nshield-keysafe5-0 sw-mgmt

To get the KeySafe 5 UI logs.

UI_POD=$(kubectl -n nshieldkeysafe5 get pods -l app=keysafe5-ui-app -o jsonpath='{.items[0].metadata.name}')
kubectl logs -n nshieldkeysafe5 $UI_POD

Because all logs are directed to stdout, you can integrate the application logs with third-party log monitoring tools such as Prometheus or Splunk.

KeySafe 5 agent


The KeySafe 5 agent log file is located at /opt/nfast/log/keysafe5-agent.log, unless configured otherwise.


The KeySafe 5 agent log file is located at %NFAST_LOGDIR%\KeySafe5-agent.log, unless configured otherwise.

The KeySafe 5 Windows Service actions are emitted to the Windows event log under the nShieldKeySafe5 source identifier.

You can use the nshieldeventlog utility to extract these log entries and output them to the console or a text file.

nshieldeventlog.exe --source=nShieldKeySafe5

As required, specify the following parameters.

  • -c | --count: The number of records read from the event log.

    The default is 10000

  • -f | --file: The output filename.

See the nShield Security World Software documentation for more information on the nshieldeventlog utility.