v1.14.6/website/content/api-docs/system/config-auditing.mdx - hashicorp/vault - Git at Google

 ---
 layout: api
 page_title: /sys/config/auditing - HTTP API
 description: The `/sys/config/auditing` endpoint is used to configure auditing settings.
 ---

 # `/sys/config/auditing`

 @include 'alerts/restricted-root.mdx'

 The `/sys/config/auditing` endpoint is used to configure auditing settings.

 ## Read all audited request headers

 This endpoint lists the request headers that are configured to be audited.

 - **`sudo` required** – This endpoint requires `sudo` capability in addition to
   any path-specific capabilities.

 | Method | Path                                   |
 | :----- | :------------------------------------- |
 | `GET`  | `/sys/config/auditing/request-headers` |

 ### Sample request

 ```shell-session
 $ curl \
     --header "X-Vault-Token: ..." \
     http://127.0.0.1:8200/v1/sys/config/auditing/request-headers
 ```

 ### Sample response

 ```json
 {
   "headers": {
     "X-Forwarded-For": {
       "hmac": true
     }
   }
 }
 ```

 ## Read single audit request header

 This endpoint lists the information for the given request header.

 - **`sudo` required** – This endpoint requires `sudo` capability in addition to
   any path-specific capabilities.

 | Method | Path                                         |
 | :----- | :------------------------------------------- |
 | `GET`  | `/sys/config/auditing/request-headers/:name` |

 ### Parameters

 - `name` `(string: <required>)` – Specifies the name of the request header to
   query. This is specified as part of the URL.

 ### Sample request

 ```shell-session
 $ curl \
     --header "X-Vault-Token: ..." \
     http://127.0.0.1:8200/v1/sys/config/auditing/request-headers/my-header
 ```

 ### Sample response

 ```json
 {
   "X-Forwarded-For": {
     "hmac": true
   }
 }
 ```

 ## Create/Update audit request header

 This endpoint enables auditing of a header.

 - **`sudo` required** – This endpoint requires `sudo` capability in addition to
   any path-specific capabilities.

 | Method | Path                                         |
 | :----- | :------------------------------------------- |
 | `POST` | `/sys/config/auditing/request-headers/:name` |

 ### Parameters

 - `hmac` `(bool: false)` – Specifies if this header's value should be HMAC'ed in
   the audit logs.

 ### Sample payload

 ```json
 {
   "hmac": true
 }
 ```

 ### Sample request

 ```shell-session
 $ curl \
     --header "X-Vault-Token: ..." \
     --request POST \
     --data @payload.json \
     http://127.0.0.1:8200/v1/sys/config/auditing/request-headers/my-header
 ```

 ## Delete audit request header

 This endpoint disables auditing of the given request header.

 - **`sudo` required** – This endpoint requires `sudo` capability in addition to
   any path-specific capabilities.

 | Method   | Path                                         |
 | :------- | :------------------------------------------- |
 | `DELETE` | `/sys/config/auditing/request-headers/:name` |

 ### Sample request

 ```shell-session
 $ curl \
     --header "X-Vault-Token: ..." \
     --request DELETE \
     http://127.0.0.1:8200/v1/sys/config/auditing/request-headers/my-header
 ```
	---
	layout: api
	page_title: /sys/config/auditing - HTTP API
	description: The `/sys/config/auditing` endpoint is used to configure auditing settings.
	---

	# `/sys/config/auditing`

	@include 'alerts/restricted-root.mdx'

	The `/sys/config/auditing` endpoint is used to configure auditing settings.

	## Read all audited request headers

	This endpoint lists the request headers that are configured to be audited.

	- `sudo` required – This endpoint requires `sudo` capability in addition to
	any path-specific capabilities.

	\| Method \| Path \|
	\| :----- \| :------------------------------------- \|
	\| `GET` \| `/sys/config/auditing/request-headers` \|

	### Sample request

	```shell-session
	$ curl \
	--header "X-Vault-Token: ..." \
	http://127.0.0.1:8200/v1/sys/config/auditing/request-headers
	```

	### Sample response

	```json
	{
	"headers": {
	"X-Forwarded-For": {
	"hmac": true
	}
	}
	}
	```

	## Read single audit request header

	This endpoint lists the information for the given request header.

	- `sudo` required – This endpoint requires `sudo` capability in addition to
	any path-specific capabilities.

	\| Method \| Path \|
	\| :----- \| :------------------------------------------- \|
	\| `GET` \| `/sys/config/auditing/request-headers/:name` \|

	### Parameters

	- `name` `(string: <required>)` – Specifies the name of the request header to
	query. This is specified as part of the URL.

	### Sample request

	```shell-session
	$ curl \
	--header "X-Vault-Token: ..." \
	http://127.0.0.1:8200/v1/sys/config/auditing/request-headers/my-header
	```

	### Sample response

	```json
	{
	"X-Forwarded-For": {
	"hmac": true
	}
	}
	```

	## Create/Update audit request header

	This endpoint enables auditing of a header.

	- `sudo` required – This endpoint requires `sudo` capability in addition to
	any path-specific capabilities.

	\| Method \| Path \|
	\| :----- \| :------------------------------------------- \|
	\| `POST` \| `/sys/config/auditing/request-headers/:name` \|

	### Parameters

	- `hmac` `(bool: false)` – Specifies if this header's value should be HMAC'ed in
	the audit logs.

	### Sample payload

	```json
	{
	"hmac": true
	}
	```

	### Sample request

	```shell-session
	$ curl \
	--header "X-Vault-Token: ..." \
	--request POST \
	--data @payload.json \
	http://127.0.0.1:8200/v1/sys/config/auditing/request-headers/my-header
	```

	## Delete audit request header

	This endpoint disables auditing of the given request header.

	- `sudo` required – This endpoint requires `sudo` capability in addition to
	any path-specific capabilities.

	\| Method \| Path \|
	\| :------- \| :------------------------------------------- \|
	\| `DELETE` \| `/sys/config/auditing/request-headers/:name` \|

	### Sample request

	```shell-session
	$ curl \
	--header "X-Vault-Token: ..." \
	--request DELETE \
	http://127.0.0.1:8200/v1/sys/config/auditing/request-headers/my-header
	```