aherman
/
boundary
mirror of https://github.com/hashicorp/boundary
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'c2bc19c71f'
${ noResults }
boundary/website/content/docs/configuration/events/common.mdx

87 lines
2.5 KiB
Raw Blame History

---
layout: docs
page_title: Controller/worker - events - common sink parameters
description: |-
The common sink parameters for all sink types.
---
# Common sink parameters
These parameters are shared across all sink types:
- `name` - Specify a name for the sink.
- `description` - Specify a description for the sink.
- `event_types` - Specifies a list of event types that will be sent to the sink.
Can be `*`, `audit`, `error`, `observation`, `system`, or `telemetry`.
- `event_source_url` - Specifies an optional event source URL for the sink. If
not specified, the default source will be composed of the
`https://hashicorp.com/boundary.io/ServerName/Path/FileName`.
- `allow_filters` - Specifies a set of predicates for including an event in the
sink. If any filter matches, the event will be included. For more information,
on using filters see: [event filtering](/boundary/docs/concepts/filtering/events)
- `deny_filters` - Specifies a set predicates for excluding an event in the
sink. If any filter matches, the event will be excluded. For more information
on using filters see: [event filtering](/boundary/docs/concepts/filtering/events)
- `format` - Specifies the format for the sink. Can be `cloudevents-json`,
`cloudevents-text`, `hclog-json`, or `hclog-text`.
- `type` - Specifies the type of sink. Can be `stderr` or `file`.
- `audit_config` - Specifies configuration for the processing of audit events
for the sink. This is ignored if the sink is not configured to receive
`audit` events.
## `audit_config` parameters
- `audit_filter_overrides` - Specifies overrides for the filter operations that
are applied to audit events.
### `audit_filter_overrides` parameters
- `sensitive` `(string: "", "encrypt", "hmac-sha256", "redact")` - Specifies
the filter operation to apply to fields that are classified as sensitive.
- `secret` `(string: "", "encrypt", "hmac-sha256", "redact")` - Specifies
the filter operation to apply to fields that are classified as secret.
## `audit_config` examples
This example is equivalent to the default settings if no `audit_config` stanza
is provided.
```hcl
audit_config {
audit_filter_overrides {
sensitive = "redact"
secret = "redact"
}
}
```
This example will HMAC sensitive fields, and encrypt secrets.
```hcl
audit_config {
audit_filter_overrides {
sensitive = "hmac-sha256"
secret = "encrypt"
}
}
```
This example will not apply a filter to sensitive fields.
```hcl
audit_config {
audit_filter_overrides {
sensitive = ""
}
}
```
Reference in new issue View Git Blame Copy Permalink