Boundary
Common sink parameters
These parameters are shared across all sink types:
name
- Specify a name for the sink.description
- Specify a description for the sink.event_types
- Specifies a list of event types that will be sent to the sink. Can be*
,error
,system
,observation
oraudit
.event_source_url
- Specifies an optional event source URL for the sink. If not specified, the default source will be composed of thehttps://hashicorp.com/boundary.io/ServerName/Path/FileName
.allow_filters
- Specifies a set of predicates for including an event in the sink. If any filter matches, the event will be included. For more information, on using filters see: event filteringdeny-filters
- Specifies a set predicates for excluding an event in the sink. If any filter matches, the event will be excluded. For more information on using filters see: event filteringformat
- Specifies the format for the sink. Can becloudevents-json
,cloudevents-text
,hclog-json
, orhclog-text
.type
- Specifies the type of sink. Can bestderr
orfile
.audit_config
- Specifies configuration for the processing of audit events for the sink. This is ignored if the sink is not configured to receiveaudit
events.
audit_config
parameters
audit_filter_overrides
- Specifies overrides for the filter operations that are applied to audit events.
audit_filter_overrides
parameters
sensitive
(string: "", "encrypt", "hmac-sha256", "redact")
- Specifies the filter operation to apply to fields that are classified as sensitive.secret
(string: "", "encrypt", "hmac-sha256", "redact")
- Specifies the filter operation to apply to fields that are classified as secret.
audit_config
examples
This example is equivalent to the default settings if no audit_config
stanza
is provided.
audit_config {
audit_filter_overrides {
sensitive = "redact"
secret = "redact"
}
}
This example will HMAC sensitive fields, and encrypt secrets.
audit_config {
audit_filter_overrides {
sensitive = "hmac-sha256"
secret = "encrypt"
}
}
This example will not apply a filter to sensitive fields.
audit_config {
audit_filter_overrides {
sensitive = ""
}
}