Home

vhsm audit

Learn about managing vHSM audit devices

The vhsm audit command manages vHSM's audit devices, allowing users to list, enable, and disable them.

Usage

vhsm audit <subcommand> [options] [args]

Available Subcommands:

Subcommand
Description

enable

Enables an audit device

disable

Disables an audit device Note: After an audit device is disabled, HMAC values for log comparison are no longer available, even if the device is re-enabled.

list

Lists enabled audit devices

vhsm audit enable

Enables an audit device at a specified path. If an audit device already exists at that path, an error is returned.

Example

vhsm audit enable file file_path=/tmp/my-file.txt description="JSON formatted audit logs"

Output

Success! Enabled the file audit device at: file/

Available Options

Option
Type
Default
Description

-description

string

""

Human-friendly description of the audit device

-local

bool

false

Marks the audit device as local-only (not replicated)

-path

string

""

Unique path where the audit device is accessible

vhsm audit disable

Disables an audit device at a specified path. The command is idempotent, meaning it succeeds even if the audit device is not enabled at the path.

Example

Output

Note: Once disabled, audit logs will no longer be sent to the device, and HMAC values cannot be used for comparison.

Available Options:

No additional flags beyond standard command flags.

vhsm audit list

Lists all enabled audit devices along with their configurations.

Example

Output

Example of detailed view

Output

Available Options

Option
Type
Default
Description

-format

string

"table"

Output format: "table", "json", or "yaml"

-detailed

bool

false

Shows detailed information, including options and replication status

PreviousAuditing and DebuggingNextvhsm debug

Last updated

Was this helpful?