Secrets Audit Trails
Audit trails are available via audit-service when configured, but the exact event taxonomy is deployment-specific.
Secrets Audit Trails
Audit trails are available via audit-service when configured, but the exact event taxonomy is deployment-specific.
Logged events
This repo does not currently emit a dedicated vault secret access event schema (for example secret.read).
Event structure
Refer to audit-service documentation for event storage and pagination.
Retention
Retention policies depend on your deployment configuration.
Export
Export to external systems:
- SIEM integration
- S3-compatible storage
- Webhook delivery
Alerting
Configure alerts for:
- Unusual access patterns
- Failed access attempts
- Sensitive secret access
- After-hours access