audit disable
The audit disable command disables an audit device at a given path, if one
exists. This command is idempotent, meaning it succeeds even if no audit device
is enabled at the path.
Once an audit device is disabled, no future audit logs are dispatched to it. The data associated with the audit device is unaffected. For example, if you disabled an audit device that was logging to a file, the file would still exist and have stored contents.
Note: Once an audit device is disabled, you will no longer be able to HMAC values for comparison with entries in the audit logs. This is true even if you re-enable the audit device at the same path, as a new salt will be created for hashing.
Examples
Disable the audit device enabled at "file/":
$ bao audit disable file/
Success! Disabled audit device (if it was enabled) at: file/
Usage
There are no flags beyond the standard set of flags included on all commands.