Expand description
Unified KV secrets analysis command.
Consolidates KV usage analysis, comparison, and summarization into a single powerful command with consistent interface and shared logic.
§Usage
# Analyze KV usage from audit logs
vault-audit kv-analysis analyze logs/*.log --output kv_usage.csv
vault-audit kv-analysis analyze logs/*.log --kv-prefix appcodes/ --output appcodes.csv
# Compare KV usage between time periods
vault-audit kv-analysis compare old_usage.csv new_usage.csv
# Summarize KV usage from CSV
vault-audit kv-analysis summary kv_usage.csv§Subcommands
§analyze
Comprehensive KV usage analysis from audit logs. Processes single or multiple log files (plain or compressed) to generate detailed usage statistics per path and entity. Supports filtering by KV mount prefix.
§compare
Compare KV usage patterns between two time periods. Identifies changes in access patterns, new secrets, abandoned secrets, and usage trends.
§summary
Quick overview of KV usage from CSV exports. Shows aggregated statistics, top accessed secrets, and breakdown by mount point.
Functions§
- run_
analyze - Run analyze subcommand
- run_
compare - Run compare subcommand
- run_
summary - Run summary subcommand