We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
1 parent af9beda commit d57e12cCopy full SHA for d57e12c
1 file changed
configs/docker/config/config.yaml
@@ -0,0 +1,22 @@
1
+rule_groups:
2
+ - name: "normal_operations"
3
+ rules:
4
+ - 'Auth.PolicyResults.Allowed == true'
5
+ log_file:
6
+ file_path: "/var/log/vault_normal_operations.log"
7
+ max_size: 100
8
+ max_backups: 5
9
+ max_age: 30
10
+ compress: true
11
+
12
+ - name: "critical_events"
13
14
+ - 'Request.Operation == "delete" && Auth.PolicyResults.Allowed == true'
15
+ - 'Request.Path startsWith "secret/metadata/" && Auth.PolicyResults.Allowed == true'
16
+ - 'Request.Path == "secret/data/myapp/database" && Request.Operation == "update"'
17
18
+ file_path: "/var/log/vault_critical_events.log"
19
20
21
22
0 commit comments