Skip to main content

/sys/config/auditing

The /sys/config/auditing endpoint is used to configure auditing settings.

Read all audited request headers

This endpoint lists the request headers that are configured to be audited.

  • sudo required – This endpoint requires sudo capability in addition to any path-specific capabilities.
MethodPath
GET/sys/config/auditing/request-headers

Sample request

$ curl \
--header "X-Vault-Token: ..." \
http://127.0.0.1:8200/v1/sys/config/auditing/request-headers

Sample response

{
"headers": {
"X-Forwarded-For": {
"hmac": true
}
}
}

Read single audit request header

This endpoint lists the information for the given request header.

  • sudo required – This endpoint requires sudo capability in addition to any path-specific capabilities.
MethodPath
GET/sys/config/auditing/request-headers/:name

Parameters

  • name (string: <required>) – Specifies the name of the request header to query. This is specified as part of the URL.

Sample request

$ curl \
--header "X-Vault-Token: ..." \
http://127.0.0.1:8200/v1/sys/config/auditing/request-headers/my-header

Sample response

{
"X-Forwarded-For": {
"hmac": true
}
}

Create/Update audit request header

This endpoint enables auditing of a header.

  • sudo required – This endpoint requires sudo capability in addition to any path-specific capabilities.
MethodPath
POST/sys/config/auditing/request-headers/:name

Parameters

  • hmac (bool: false) – Specifies if this header's value should be HMAC'ed in the audit logs.

Sample payload

{
"hmac": true
}

Sample request

$ curl \
--header "X-Vault-Token: ..." \
--request POST \
--data @payload.json \
http://127.0.0.1:8200/v1/sys/config/auditing/request-headers/my-header

Delete audit request header

This endpoint disables auditing of the given request header.

  • sudo required – This endpoint requires sudo capability in addition to any path-specific capabilities.
MethodPath
DELETE/sys/config/auditing/request-headers/:name

Sample request

$ curl \
--header "X-Vault-Token: ..." \
--request DELETE \
http://127.0.0.1:8200/v1/sys/config/auditing/request-headers/my-header