HashiCorp Cloud Platform
Audit logs
HCP Vault Secrets provides audit logs to trace all incoming requests to your application so that you can view who requested access to your secrets stored in the application.
View audit logs
Log into HCP Portal. It opens the last project you were in. Choose the target project if it is different.
Select Vault Secrets > Apps.
Select the application name you wish to view.
Select Audit Logs.
Using the audit logs, you can learn the following information:
- Event - the type of operation
- Triggered By - the username and IP address from where the request was sent
- Scope - the scope an operation was executed on. For example, if a new application was created, the scope of the event is application.
- Interface - the interface used to send the request: UI or API. The CLI tool is a wrapper for API; therefore, the requests made by the CLI commands appear as API.
- Timestamp - the timestamp of the event was triggered
Limitation
Currently, the application deletion events do not appear on the audit logs.