1--- 2layout: api 3page_title: /sys/audit-hash - HTTP API 4sidebar_title: <code>/sys/audit-hash</code> 5description: |- 6 The `/sys/audit-hash` endpoint is used to hash data using an audit device's 7 hash function and salt. 8--- 9 10# `/sys/audit-hash` 11 12The `/sys/audit-hash` endpoint is used to calculate the hash of the data used by 13an audit device's hash function and salt. This can be used to search audit logs 14for a hashed value when the original value is known. 15 16## Calculate Hash 17 18This endpoint hashes the given input data with the specified audit device's 19hash function and salt. This endpoint can be used to discover whether a given 20plaintext string (the `input` parameter) appears in the audit log in obfuscated 21form. 22 23The audit log records requests and responses. Since the Vault API is JSON-based, 24any binary data returned from an API call (such as a DER-format certificate) is 25base64-encoded by the Vault server in the response. As a result such information 26should also be base64-encoded to supply into the `input` parameter. 27 28| Method | Path | 29| :----- | :---------------------- | 30| `POST` | `/sys/audit-hash/:path` | 31 32### Parameters 33 34- `path` `(string: <required>)` – Specifies the path of the audit device to 35 generate hashes for. This is part of the request URL. 36 37- `input` `(string: <required>)` – Specifies the input string to hash. 38 39### Sample Payload 40 41```json 42{ 43 "input": "my-secret-vault" 44} 45``` 46 47### Sample Request 48 49``` 50$ curl \ 51 --header "X-Vault-Token: ..." \ 52 --request POST \ 53 --data @payload.json \ 54 http://127.0.0.1:8200/v1/sys/audit-hash/example-audit 55``` 56 57### Sample Response 58 59```json 60{ 61 "hash": "hmac-sha256:08ba35..." 62} 63``` 64