HashiConf 2024 Now streaming live from Boston! Attend for free
Vault
Vault Home

You are viewing documentation for version v1.16.x. View latest version.

audit

The audit command groups subcommands for interacting with Vault's audit devices. Users can list, enable, and disable audit devices.

For more information, please see the audit device documentation

Examples

Enable an audit device:

$ vault audit enable file file_path=/tmp/my-file.txt
Success! Enabled the file audit device at: file/

List all audit devices:

$ vault audit list
Path     Type    Description
----     ----    -----------
file/    file    n/a

Disable an audit device:

$ vault audit disable file/
Success! Disabled audit device (if it was enabled) at: file/

Note: Once an audit device is disabled, you will no longer be able to HMAC values for comparison with entries in the audit logs. This is true even if you re-enable the audit device at the same path, as a new salt will be created for hashing.

Usage

Usage: vault audit <subcommand> [options] [args]

  # ...

Subcommands:
    disable    Disables an audit device
    enable     Enables an audit device
    list       Lists enabled audit devices

For more information, examples, and usage about a subcommand, click on the name of the subcommand in the sidebar.