1--- 2layout: api 3page_title: /sys/audit-hash - HTTP API 4description: |- 5 The `/sys/audit-hash` endpoint is used to hash data using an audit device's 6 hash function and salt. 7--- 8 9# `/sys/audit-hash` 10 11The `/sys/audit-hash` endpoint is used to calculate the hash of the data used by 12an audit device's hash function and salt. This can be used to search audit logs 13for a hashed value when the original value is known. 14 15## Calculate Hash 16 17This endpoint hashes the given input data with the specified audit device's 18hash function and salt. This endpoint can be used to discover whether a given 19plaintext string (the `input` parameter) appears in the audit log in obfuscated 20form. 21 22The audit log records requests and responses. Since the Vault API is JSON-based, 23any binary data returned from an API call (such as a DER-format certificate) is 24base64-encoded by the Vault server in the response. As a result such information 25should also be base64-encoded to supply into the `input` parameter. 26 27| Method | Path | 28| :----- | :---------------------- | 29| `POST` | `/sys/audit-hash/:path` | 30 31### Parameters 32 33- `path` `(string: <required>)` – Specifies the path of the audit device to 34 generate hashes for. This is part of the request URL. 35 36- `input` `(string: <required>)` – Specifies the input string to hash. 37 38### Sample Payload 39 40```json 41{ 42 "input": "my-secret-vault" 43} 44``` 45 46### Sample Request 47 48```shell-session 49$ curl \ 50 --header "X-Vault-Token: ..." \ 51 --request POST \ 52 --data @payload.json \ 53 http://127.0.0.1:8200/v1/sys/audit-hash/example-audit 54``` 55 56### Sample Response 57 58```json 59{ 60 "hash": "hmac-sha256:08ba35..." 61} 62``` 63