Expand description
Path hotspot analysis command.
Identifies the most frequently accessed paths in Vault to help understand usage patterns and potential performance bottlenecks. Supports multi-file analysis (compressed or uncompressed) for long-term trending.
§Usage
# Single file - show top 20 hotspots (default)
vault-audit path-hotspots audit.log
vault-audit path-hotspots audit.log.gz
# Multi-day analysis with top 50 (compressed files)
vault-audit path-hotspots logs/*.log.gz --top 50
# Filter by mount point across multiple files
vault-audit path-hotspots day*.log --mount secretCompressed File Support: Works seamlessly with .gz and .zst files.
§Output
Displays top accessed paths with:
- Path name
- Total operations
- Unique entities accessing
- Operation breakdown (read/write/list/delete)
- Access rate (ops per hour)
- Top entity contributors
Helps identify:
- Performance bottlenecks
- Heavily used secrets
- Caching opportunities
- Load distribution