mirror of
https://github.com/hashicorp/vault.git
synced 2025-08-16 03:27:01 +02:00
676d1c69fe
* added note to warn of potential issues in disabling audit when using HMAC * added to command docs pages too
38 lines
1.2 KiB
Plaintext
38 lines
1.2 KiB
Plaintext
---
|
|
layout: docs
|
|
page_title: audit disable - Command
|
|
description: |-
|
|
The "audit disable" command disables an audit device at a given path, if one
|
|
exists. This command is idempotent, meaning it succeeds even if no audit
|
|
device is enabled at the path.
|
|
---
|
|
|
|
# audit disable
|
|
|
|
The `audit disable` command disables an audit device at a given path, if one
|
|
exists. This command is idempotent, meaning it succeeds even if no audit device
|
|
is enabled at the path.
|
|
|
|
Once an audit device is disabled, no future audit logs are dispatched to it. The
|
|
data associated with the audit device is unaffected. For example, if you
|
|
disabled an audit device that was logging to a file, the file would still exist
|
|
and have stored contents.
|
|
|
|
~> Note: Once an audit device is disabled, you will no longer be able to HMAC values
|
|
for comparison with entries in the audit logs. This is true even if you re-enable
|
|
the audit device at the same path, as a new salt will be created for hashing.
|
|
|
|
## Examples
|
|
|
|
Disable the audit device enabled at "file/":
|
|
|
|
```shell-session
|
|
$ vault audit disable file/
|
|
Success! Disabled audit device (if it was enabled) at: file/
|
|
```
|
|
|
|
## Usage
|
|
|
|
There are no flags beyond the [standard set of flags](/vault/docs/commands)
|
|
included on all commands.
|