/sys/config/auditing
The /sys/config/auditing endpoint is used to configure auditing settings.
Read all audited request headers
This endpoint lists the request headers that are configured to be audited.
sudorequired – This endpoint requiressudocapability in addition to any path-specific capabilities.
| Method | Path |
|---|---|
GET | /sys/config/auditing/request-headers |
Sample request
$ curl \
--header "X-Vault-Token: ..." \
http://127.0.0.1:8200/v1/sys/config/auditing/request-headers
Sample response
{
"headers": {
"X-Forwarded-For": {
"hmac": true
}
}
}
Read single audit request header
This endpoint lists the information for the given request header.
sudorequired – This endpoint requiressudocapability in addition to any path-specific capabilities.
| Method | Path |
|---|---|
GET | /sys/config/auditing/request-headers/:name |
Parameters
name(string: <required>)– Specifies the name of the request header to query. This is specified as part of the URL.
Sample request
$ curl \
--header "X-Vault-Token: ..." \
http://127.0.0.1:8200/v1/sys/config/auditing/request-headers/my-header
Sample response
{
"X-Forwarded-For": {
"hmac": true
}
}
Create/Update audit request header
This endpoint enables auditing of a header.
sudorequired – This endpoint requiressudocapability in addition to any path-specific capabilities.
| Method | Path |
|---|---|
POST | /sys/config/auditing/request-headers/:name |
Parameters
hmac(bool: false)– Specifies if this header's value should be HMAC'ed in the audit logs.
Sample payload
{
"hmac": true
}
Sample request
$ curl \
--header "X-Vault-Token: ..." \
--request POST \
--data @payload.json \
http://127.0.0.1:8200/v1/sys/config/auditing/request-headers/my-header
Delete audit request header
This endpoint disables auditing of the given request header.
sudorequired – This endpoint requiressudocapability in addition to any path-specific capabilities.
| Method | Path |
|---|---|
DELETE | /sys/config/auditing/request-headers/:name |
Sample request
$ curl \
--header "X-Vault-Token: ..." \
--request DELETE \
http://127.0.0.1:8200/v1/sys/config/auditing/request-headers/my-header