
audit
Description
Returns audit trail information that is stored in the local audit index. This command also validates signed audit events while checking for gaps and tampering.
Syntax
audit
Examples
Example 1: View information in the "audit" index.
index="_audit" | audit
PREVIOUS associate |
NEXT autoregress |
This documentation applies to the following versions of Splunk Cloud™: 7.0.13, 7.2.4, 7.2.6, 7.2.8, 7.2.7, 7.2.9, 7.2.10, 8.0.2006, 8.0.2007, 8.1.2008, 8.1.2009, 8.1.2011, 8.1.2012
Feedback submitted, thanks!