# vhsm audit

The `vhsm audit` command manages vHSM's audit devices, allowing users to list, enable, and disable them.

### Usage

```sh
vhsm audit <subcommand> [options] [args]
```

#### Available Subcommands:

| Subcommand                       | Description                                                                                                                                                                            |
| -------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| [`enable`](#vhsm-audit-enable)   | Enables an audit device                                                                                                                                                                |
| [`disable`](#vhsm-audit-disable) | <p>Disables an audit device<br><strong>Note</strong>: After an audit device is disabled, HMAC values for log comparison are no longer available, even if the device is re-enabled.</p> |
| [`list`](#vhsm-audit-list)       | Lists enabled audit devices                                                                                                                                                            |

### `vhsm audit enable`

Enables an audit device at a specified path. If an audit device already exists at that path, an error is returned.

#### Example

```sh
vhsm audit enable file file_path=/tmp/my-file.txt description="JSON formatted audit logs"
```

**Output**

```
Success! Enabled the file audit device at: file/
```

#### Available Options

<table><thead><tr><th width="224">Option</th><th>Type</th><th>Default</th><th>Description</th></tr></thead><tbody><tr><td><code>-description</code></td><td>string</td><td><code>""</code></td><td>Human-friendly description of the audit device</td></tr><tr><td><code>-local</code></td><td>bool</td><td><code>false</code></td><td>Marks the audit device as <em>local-only</em> (not replicated)</td></tr><tr><td><code>-path</code></td><td>string</td><td><code>""</code></td><td>Unique path where the audit device is accessible</td></tr></tbody></table>

### `vhsm audit disable`

Disables an audit device at a specified path. The command is *idempotent,* meaning it succeeds even if the audit device is not enabled at the path.

#### Example

```sh
vhsm audit disable file/
```

**Output**

```
Success! Disabled audit device (if it was enabled) at: file/
```

**Note:** Once disabled, audit logs will no longer be sent to the device, and HMAC values cannot be used for comparison.

#### Available Options:

*No additional flags beyond standard command flags.*

### `vhsm audit list`

Lists all enabled audit devices along with their configurations.

#### Example

```sh
vhsm audit list
```

**Output**

```
Path     Type    Description
----     ----    -----------
file/    file    n/a
```

#### Example of detailed view

```sh
vhsm audit list -detailed
```

**Output**

```
Path     Type    Description    Replication    Options
----     ----    -----------    -----------    -------
file/    file    n/a            replicated     description=JSON formatted audit logs file_path=audit_log.txt
```

#### Available Options

<table><thead><tr><th>Option</th><th width="121">Type</th><th>Default</th><th>Description</th></tr></thead><tbody><tr><td><code>-format</code></td><td>string</td><td><code>"table"</code></td><td>Output format: <code>"table"</code>, <code>"json"</code>, or <code>"yaml"</code></td></tr><tr><td><code>-detailed</code></td><td>bool</td><td><code>false</code></td><td>Shows detailed information, including options and replication status</td></tr></tbody></table>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.enclaive.cloud/virtual-hsm/cli/auditing-and-debugging/vhsm-audit.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.