mirrors/vault
1
0
Fork 0
mirror of https://github.com/hashicorp/vault.git synced 2025-09-06 22:41:08 +02:00
Code Issues Projects Releases Wiki Activity
vault/website/content/api-docs/system/config-auditing.mdx
Erica Thompson 0660ea6fac
Update README (#31244) 
* Update README

Let contributors know that docs will now be located in UDR

* Add comments to each mdx doc

Comment has been added to all mdx docs that are not partials

* chore: added changelog

changelog check failure

* wip: removed changelog

* Fix content errors

* Doc spacing

* Update website/content/docs/deploy/kubernetes/vso/helm.mdx

Co-authored-by: Tu Nguyen <im2nguyen@users.noreply.github.com>

---------

Co-authored-by: jonathanfrappier <92055993+jonathanfrappier@users.noreply.github.com>
Co-authored-by: Tu Nguyen <im2nguyen@users.noreply.github.com>
2025-07-22 08:12:22 -07:00

134 lines
3.5 KiB
Plaintext
Raw Permalink Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

---
layout: api
page_title: /sys/config/auditing - HTTP API
description: The `/sys/config/auditing` endpoint is used to configure auditing settings.
---
> [!IMPORTANT]
> **Documentation Update:** Product documentation, which were located in this repository under `/website`, are now located in [`hashicorp/web-unified-docs`](https://github.com/hashicorp/web-unified-docs), colocated with all other product documentation. Contributions to this content should be done in the `web-unified-docs` repo, and not this one. Changes made to `/website` content in this repo will not be reflected on the developer.hashicorp.com website.
# `/sys/config/auditing/request-headers`
@include 'alerts/restricted-root.mdx'
The `/sys/config/auditing` endpoint is used to configure auditing settings.
## Read all audited request headers
This endpoint lists the request headers that are configured to be audited.
- **`sudo` required**  This endpoint requires `sudo` capability in addition to
any path-specific capabilities.
| Method | Path |
| :----- | :------------------------------------- |
| `GET` | `/sys/config/auditing/request-headers` |
### Sample request
```shell-session
$ curl \
--header "X-Vault-Token: ..." \
http://127.0.0.1:8200/v1/sys/config/auditing/request-headers
```
### Sample response
```json
{
"headers": {
"X-Forwarded-For": {
"hmac": true
}
}
}
```
## Read single audit request header
This endpoint lists the information for the given request header.
- **`sudo` required**  This endpoint requires `sudo` capability in addition to
any path-specific capabilities.
| Method | Path |
| :----- | :------------------------------------------- |
| `GET` | `/sys/config/auditing/request-headers/:name` |
### Parameters
- `name` `(string: <required>)` Specifies the name of the request header to
query. This is specified as part of the URL.
### Sample request
```shell-session
$ curl \
--header "X-Vault-Token: ..." \
http://127.0.0.1:8200/v1/sys/config/auditing/request-headers/my-header
```
### Sample response
```json
{
"X-Forwarded-For": {
"hmac": true
}
}
```
## Create/Update audit request header
This endpoint enables auditing of a header.
- **`sudo` required**  This endpoint requires `sudo` capability in addition to
any path-specific capabilities.
| Method | Path |
| :----- | :------------------------------------------- |
| `POST` | `/sys/config/auditing/request-headers/:name` |
### Parameters
- `hmac` `(bool: false)`  Specifies if this header's value should be HMAC'd in
the audit logs.
### Sample payload
```json
{
"hmac": true
}
```
### Sample request
```shell-session
$ curl \
--header "X-Vault-Token: ..." \
--request POST \
--data @payload.json \
http://127.0.0.1:8200/v1/sys/config/auditing/request-headers/my-header
```
## Delete audit request header
This endpoint disables auditing of the given request header.
- **`sudo` required**  This endpoint requires `sudo` capability in addition to
any path-specific capabilities.
| Method | Path |
| :------- | :------------------------------------------- |
| `DELETE` | `/sys/config/auditing/request-headers/:name` |
### Sample request
```shell-session
$ curl \
--header "X-Vault-Token: ..." \
--request DELETE \
http://127.0.0.1:8200/v1/sys/config/auditing/request-headers/my-header
```
Reference in New Issue View Git Blame Copy Permalink