luxolus/open-vault
2
0
Fork 0
Code Issues 1 Pull requests Releases Activity
open-vault/website/source/api/system/audit.html.md

126 lines
3.3 KiB
Markdown
Raw Normal View History

Redo docs for system backend This commit updates the API documentation for the system backend to break things apart on a per-page basis and provide specific examples. This pattern will give more flexibility for future documentation as well.
2017-03-15 06:40:33 +00:00
---
/docs/http -> /api
2017-03-17 18:06:03 +00:00
layout: "api"
Redo docs for system backend This commit updates the API documentation for the system backend to break things apart on a per-page basis and provide specific examples. This pattern will give more flexibility for future documentation as well.
2017-03-15 06:40:33 +00:00
page_title: "/sys/audit - HTTP API"
sidebar_current: "docs-http-system-audit/"
description: |-
The `/sys/audit` endpoint is used to enable and disable audit backends.
---
# `/sys/audit`
The `/sys/audit` endpoint is used to list, mount, and unmount audit backends.
Audit backends must be enabled before use, and more than one backend may be
enabled at a time.
## List Mounted Audit Backends
This endpoint lists only the mounted audit backends (it does not list all
available audit backends).
- **`sudo` required**  This endpoint requires `sudo` capability in addition to
any path-specific capabilities.
| Method | Path | Produces |
| :------- | :--------------------------- | :--------------------- |
| `GET` | `/sys/audit` | `200 application/json` |
### Sample Request
```
$ curl \
--header "X-Vault-Token: ..." \
https://vault.rocks/v1/sys/audit
```
### Sample Response
```javascript
{
"file": {
"type": "file",
"description": "Store logs in a file",
"options": {
"path": "/var/log/vault.log"
}
}
}
```
## Mount Audit Backend
This endpoint mounts a new audit backend at the supplied path. The path can be a
single word name or a more complex, nested path.
- **`sudo` required**  This endpoint requires `sudo` capability in addition to
any path-specific capabilities.
| Method | Path | Produces |
| :------- | :--------------------------- | :--------------------- |
| `PUT` | `/sys/audit/:path` | `204 (empty body)` |
### Parameters
- `path` `(string: <required>)`  Specifies the path in which to mount the audit
backend. This is part of the request URL.
- `description` `(string: "")`  Specifies a human-friendly description of the
audit backend.
- `options` `(map<string|string>: nil)`  Specifies configuration options to
pass to the audit backend itself. This is dependent on the audit backend type.
- `type` `(string: <required>)`  Specifies the type of the audit backend.
Add local flag to docs for API endpoints. (#2625)
2017-04-28 18:33:27 +00:00
Additionally, the following options are allowed in Vault open-source, but
relevant functionality is only supported in Vault Enterprise:
- `local` `(bool: false)` Specifies if the audit backend is a local mount
only. Local mounts are not replicated nor (if a secondary) removed by
replication.
Redo docs for system backend This commit updates the API documentation for the system backend to break things apart on a per-page basis and provide specific examples. This pattern will give more flexibility for future documentation as well.
2017-03-15 06:40:33 +00:00
### Sample Payload
```json
{
"type": "file",
"options": {
"path": "/var/log/vault/log"
}
}
```
### Sample Request
```
$ curl \
--header "X-Vault-Token: ..." \
--request PUT \
--data @payload.json \
https://vault.rocks/v1/sys/audit/example-audit
```
## Unmount Audit Backend
This endpoint un-mounts the audit backend at the given path.
- **`sudo` required**  This endpoint requires `sudo` capability in addition to
any path-specific capabilities.
| Method | Path | Produces |
| :------- | :--------------------------- | :--------------------- |
| `DELETE` | `/sys/audit/:path` | `204 (empty body)` |
### Parameters
- `path` `(string: <required>)`  Specifies the path of the audit backend to
delete. This is part of the request URL.
### Sample Request
```
$ curl \
--header "X-Vault-Token: ..." \
--request DELETE \
https://vault.rocks/v1/sys/audit/example-audit
```
Reference in a new issue Copy permalink