audit

This documentation does not apply to the most recent version of Splunk. Click here for the latest version.

Synopsis
Syntax
Description
Examples

audit

Synopsis

Returns audit trail information that is stored in the local audit index.

Syntax

audit

Description

View audit trail information stored in the local audit index. Also decrypt signed audit events while checking for gaps and tampering.

Examples

Example 1: View information in the "audit" index.

index="_audit" | audit

Retrieved from "http://docs.splunk.com/Documentation/Splunk/4.0.5/SearchReference/Audit"

« associate autoregress »

This documentation applies to the following versions of Splunk: 4.0 , 4.0.1 , 4.0.2 , 4.0.3 , 4.0.4 , 4.0.5 , 4.0.6 , 4.0.7 , 4.0.8 , 4.0.9 , 4.0.10 , 4.0.11 View the Article History for its revisions.

Was this topic useful?
Post a comment

You must be logged into splunk.com in order to post comments. Log in now.

Was this documentation topic helpful?

If you'd like to hear back from us, please provide your email address:

We'd love to hear what you think about this topic or the documentation as a whole. Feedback you enter here will be delivered to the documentation team.

Feedback submitted, thanks!

Search Reference

audit

Contents

audit

Synopsis

Syntax

Description

Examples

Comments