CFG_GetMESetupAuditRecord

note-icon Note:

This command is available for Intel AMT Release 6.0 and later only. It replaces the CFG_GetAMTSetupAuditRecord command that has been deprecated.

CFG_GetMESetupAuditRecord reads the Manageability Engine audit record. This command deprecates the CFG_GetAMTSetupAuditRecord. The audit record contains configuration information about the last configuration attempt, regardless if it was successful or unsuccessful.

This command is available in all boot modes.

This command is not allowed in small business mode

CFG_GetMESetupAuditRecord Request

typedef struct _CFG_GET_ME_AUDIT_RECORD_REQUEST

{

    PTHI_MESSAGE_HEADER Header;

} CFG_GET_ME_AUDIT_RECORD_REQUEST;

 

Field

Description

Header.Version

Major and minor interface version.

Header.Reserved

0000h

Header.Command

04000050h

Header.Length

Message Length, excluding the message header.

CFG_GetMESetupAuditRecord Response

typedef struct _CFG_GET_ME_AUDIT_RECORD_RESPONSE

{

    PTHI_MESSAGE_HEADER Header;

    AMT_STATUS         Status;

    [success] ME_ADMIN_AUDIT_RECORD AuditRecord;

} CFG_GET_ME_AUDIT_RECORD_RESPONSE;

 

Field

Description

Header.Version

Major and minor interface version.

Header.Reserved

0000h

Header.Command

04800050h

Header.Length

Message Length, excluding the message header.

Status

A status code returned in a response message that indicates whether the operation specified in the corresponding request message succeeded or failed. If the operation failed, this code indicates the specific reason for failure.

AuditRecord. ProvisioningTLSMode

Valid values:

0 – PKI-CH (Remote Configuration)

1 – PSK

SecureDNS

Indicates if secure DNS mode was used (i.e. SCA FQDN or PKI DNS Suffix were set via MEBx).

HostInitiated

Indicates if the configuration was started by a local agent (Host initiated) or automatically (Bare metal)

SelectedHashData

Hash of the root of the certificate that used during configuration.

AuditRecord.HashAlgo

Hash algorithm for the hash value (MD5 or SHA1).

AuditRecord. CaCertificateSerials

Intermediate CAs serial numbers, first value being the signer of the leaf certificate.

AdditionalCaSerialNums

If the certificate chain includes additional intermediate CAs not recorded.

AuditRecord.IsOemDefault

State of the IsDefault bit in the certificate hash table.

AuditRecord. IsTimeValid

Indicates if the time in the ZTC certificate presented to the Intel AMT device was valid.

AuditRecord. ProvServerIP

The IPv4 or IPv6 address of the configuration server (string).

AuditRecord. TlsStartTime

Indicates whether the certificate passed the time validity check.

AuditRecord. ProvServerFQDN

FQDN of the configuration server mentioned in certificate.

CFG_GetMESetupAuditRecord Status Codes

Status

Description

AMT_STATUS_SUCCESS

Request succeeded.

AMT_STATUS_INTERNAL_ERROR

An internal error in the Intel AMT device has occurred. This may indicate an interface error, or an Intel AMT application error.

AMT_STATUS_NOT_READY

Management controller has not progressed far enough in its initialization to process the command.

AMT_STATUS_INVALID_MESSAGE_LENGTH

Length field of header is invalid.

AMT_STATUS_INVALID_AMT_MODE

Returned when the device is in PSK mode

AMT_STATUS_AUDIT_RECORD_NOT_PRESENT

The audit record is currently not present.

 

Copyright © 2006-2022, Intel Corporation. All rights reserved.