search
Home

vhsm audit

Learn about managing vHSM audit devices

The vhsm audit command manages vHSM's audit devices, allowing users to list, enable, and disable them.

hashtag
Usage

vhsm audit <subcommand> [options] [args]

hashtag
Available Subcommands:

Subcommand
Description

enable

Enables an audit device

disable

Disables an audit device Note: After an audit device is disabled, HMAC values for log comparison are no longer available, even if the device is re-enabled.

list

Lists enabled audit devices

hashtag
vhsm audit enable

Enables an audit device at a specified path. If an audit device already exists at that path, an error is returned.

hashtag
Example

vhsm audit enable file file_path=/tmp/my-file.txt description="JSON formatted audit logs"

Output

Success! Enabled the file audit device at: file/

hashtag
Available Options

Option
Type
Default
Description

-description

string

""

Human-friendly description of the audit device

-local

bool

false

Marks the audit device as local-only (not replicated)

-path

string

""

Unique path where the audit device is accessible

hashtag
vhsm audit disable

Disables an audit device at a specified path. The command is idempotent, meaning it succeeds even if the audit device is not enabled at the path.

hashtag
Example

Output

Note: Once disabled, audit logs will no longer be sent to the device, and HMAC values cannot be used for comparison.

hashtag
Available Options:

No additional flags beyond standard command flags.

hashtag
vhsm audit list

Lists all enabled audit devices along with their configurations.

hashtag
Example

Output

hashtag
Example of detailed view

Output

hashtag
Available Options

Option
Type
Default
Description

-format

string

"table"

Output format: "table", "json", or "yaml"

-detailed

bool

false

Shows detailed information, including options and replication status

PreviousAuditing and DebuggingNextvhsm debug

Last updated

Was this helpful?