1--- 2layout: "api" 3page_title: "/sys/audit-hash - HTTP API" 4sidebar_title: "<code>/sys/audit-hash</code>" 5sidebar_current: "api-http-system-audit-hash" 6description: |- 7 The `/sys/audit-hash` endpoint is used to hash data using an audit device's 8 hash function and salt. 9--- 10 11# `/sys/audit-hash` 12 13The `/sys/audit-hash` endpoint is used to calculate the hash of the data used by 14an audit device's hash function and salt. This can be used to search audit logs 15for a hashed value when the original value is known. 16 17## Calculate Hash 18 19This endpoint hashes the given input data with the specified audit device's 20hash function and salt. This endpoint can be used to discover whether a given 21plaintext string (the `input` parameter) appears in the audit log in obfuscated 22form. 23 24The audit log records requests and responses. Since the Vault API is JSON-based, 25any binary data returned from an API call (such as a DER-format certificate) is 26base64-encoded by the Vault server in the response. As a result such information 27should also be base64-encoded to supply into the `input` parameter. 28 29| Method | Path | 30| :---------------------- | :----------------- | 31| `POST` | `/sys/audit-hash/:path` | 32 33### Parameters 34 35- `path` `(string: <required>)` – Specifies the path of the audit device to 36 generate hashes for. This is part of the request URL. 37 38- `input` `(string: <required>)` – Specifies the input string to hash. 39 40### Sample Payload 41 42```json 43{ 44 "input": "my-secret-vault" 45} 46``` 47 48### Sample Request 49 50``` 51$ curl \ 52 --header "X-Vault-Token: ..." \ 53 --request POST \ 54 --data @payload.json \ 55 http://127.0.0.1:8200/v1/sys/audit-hash/example-audit 56``` 57 58### Sample Response 59 60```json 61{ 62 "hash": "hmac-sha256:08ba35..." 63} 64``` 65