vhsm audit
Learn about managing vHSM audit devices
The vhsm audit
command manages vHSM's audit devices, allowing users to list, enable, and disable them.
Usage
vhsm audit <subcommand> [options] [args]
Available Subcommands:
vhsm audit enable
vhsm audit enable
Enables an audit device at a specified path. If an audit device already exists at that path, an error is returned.
Example
vhsm audit enable file file_path=/tmp/my-file.txt description="JSON formatted audit logs"
Output
Success! Enabled the file audit device at: file/
Available Options
-description
string
""
Human-friendly description of the audit device
-local
bool
false
Marks the audit device as local-only (not replicated)
-path
string
""
Unique path where the audit device is accessible
vhsm audit disable
vhsm audit disable
Disables an audit device at a specified path. The command is idempotent, meaning it succeeds even if the audit device is not enabled at the path.
Example
vhsm audit disable file/
Output
Success! Disabled audit device (if it was enabled) at: file/
Note: Once disabled, audit logs will no longer be sent to the device, and HMAC values cannot be used for comparison.
Available Options:
No additional flags beyond standard command flags.
vhsm audit list
vhsm audit list
Lists all enabled audit devices along with their configurations.
Example
vhsm audit list
Output
Path Type Description
---- ---- -----------
file/ file n/a
Example of detailed view
vhsm audit list -detailed
Output
Path Type Description Replication Options
---- ---- ----------- ----------- -------
file/ file n/a replicated description=JSON formatted audit logs file_path=audit_log.txt
Available Options
-format
string
"table"
Output format: "table"
, "json"
, or "yaml"
-detailed
bool
false
Shows detailed information, including options and replication status
Last updated
Was this helpful?