audit command groups subcommands for interacting with Vault's audit
devices. Users can list, enable, and disable audit devices.
For more information, please see the audit device documentation
Enable an audit device:
$ vault audit enable file file_path=/tmp/my-file.txt Success! Enabled the file audit device at: file/
List all audit devices:
$ vault audit list Path Type Description ---- ---- ----------- file/ file n/a
Disable an audit device:
$ vault audit disable file/ Success! Disabled audit device (if it was enabled) at: file/
Note: Once an audit device is disabled, you will no longer be able to HMAC values for comparison with entries in the audit logs. This is true even if you re-enable the audit device at the same path, as a new salt will be created for hashing.
Usage: vault audit <subcommand> [options] [args] # ... Subcommands: disable Disables an audit device enable Enables an audit device list Lists enabled audit devices
For more information, examples, and usage about a subcommand, click on the name of the subcommand in the sidebar.