Topics

| pdf version

Toolbox

Splunk > The IT Search Company

  • Search and navigate IT data from applications, servers and network devices in real-time.
  • Download Splunk

Localized Splunk documentation

Looking for Splunk documentation in other languages?

Documentation | Discussion | View source | History

audit

This documentation applies to the following versions of Splunk: 4.0 , 4.0.1 , 4.0.2 , 4.0.3 , 4.0.4 , 4.0.5 , 4.0.6 , 4.0.7 , 4.0.8 , 4.0.9 , 4.0.10

audit

Synopsis

Returns audit trail information that is stored in the local audit index.

Syntax

audit

Description

View audit trail information stored in the local audit index. Also decrypt signed audit events while checking for gaps and tampering.

Examples

Example 1: View information in the "audit" index.

index="_audit" | auditSearch
Retrieved from "http://www.splunk.com/base/Documentation/4.0.10/SearchReference/Audit"
Revision: 207 Contact Privacy Policy Terms of Use Community content licensed under Creative Commons

Copyright © 2005-2010 Splunk Inc. All rights reserved.