mirror of
https://github.com/hashicorp/vault.git
synced 2025-08-22 23:21:08 +02:00
0660ea6fac
* Update README Let contributors know that docs will now be located in UDR * Add comments to each mdx doc Comment has been added to all mdx docs that are not partials * chore: added changelog changelog check failure * wip: removed changelog * Fix content errors * Doc spacing * Update website/content/docs/deploy/kubernetes/vso/helm.mdx Co-authored-by: Tu Nguyen <im2nguyen@users.noreply.github.com> --------- Co-authored-by: jonathanfrappier <92055993+jonathanfrappier@users.noreply.github.com> Co-authored-by: Tu Nguyen <im2nguyen@users.noreply.github.com>
79 lines
2.1 KiB
Plaintext
79 lines
2.1 KiB
Plaintext
---
|
|
layout: docs
|
|
page_title: "audit disable - Vault CLI"
|
|
description: >-
|
|
Disable an audit device capturing log data from Vault.
|
|
---
|
|
|
|
> [!IMPORTANT]
|
|
> **Documentation Update:** Product documentation, which were located in this repository under `/website`, are now located in [`hashicorp/web-unified-docs`](https://github.com/hashicorp/web-unified-docs), colocated with all other product documentation. Contributions to this content should be done in the `web-unified-docs` repo, and not this one. Changes made to `/website` content in this repo will not be reflected on the developer.hashicorp.com website.
|
|
|
|
# `audit disable`
|
|
|
|
Disable an audit device if it exists.
|
|
|
|
<CodeBlockConfig hideClipboard>
|
|
|
|
```shell-session
|
|
$ vault audit disable [flags] <device_path>
|
|
|
|
$ vault audit disable [-help | -h]
|
|
```
|
|
|
|
</CodeBlockConfig>
|
|
|
|
## Description
|
|
|
|
`vault audit disable` deactivates an audit device without destroying data
|
|
already logged by the device. The operation is idempotent and succeeds if the
|
|
audit device is properly disabled **or** if the device path does not
|
|
correspond to an active audit device.
|
|
|
|
<Tip title="Related API endpoints">
|
|
|
|
DisableAuditDevice - [`DELETE:/sys/audit/{mount-path}`](/vault/api-docs/system/audit#disable-audit-device)
|
|
|
|
</Tip>
|
|
|
|
### Limitations and warnings
|
|
|
|
- You cannot HMAC values for comparison against audit logs for a disabled audit
|
|
device.
|
|
- Vault does not preserve HMAC encryption if you reenable an audit device at the
|
|
same path. Each time you enable a device, Vault uses a new salt for hashing.
|
|
|
|
## Command arguments
|
|
|
|
<br />
|
|
|
|
@include 'cli/audit/args/device_path.mdx'
|
|
|
|
## Command options
|
|
|
|
- None
|
|
|
|
## Command flags
|
|
|
|
- None
|
|
|
|
## Standard flags
|
|
|
|
<br />
|
|
|
|
@include 'cli/standard-settings/all-standard-flags-but-format.mdx'
|
|
|
|
## Examples
|
|
|
|
Disable a file-type audit device at the default path, `file/`:
|
|
|
|
```shell-session
|
|
$ vault audit disable file/
|
|
Success! Disabled audit device (if it was enabled) at: file/
|
|
```
|
|
|
|
Disable a socket audit device at the path `audit/kv-socket`:
|
|
|
|
```shell-session
|
|
$ vault audit disable audit/kv-socket/
|
|
Success! Disabled audit device (if it was enabled) at: audit/kv-socket/
|
|
``` |