Expand description
Token lifecycle operations analysis.
⚠️ DEPRECATED: Use token-analysis instead.
This command has been consolidated into the unified token-analysis command
which provides the same functionality plus abuse detection and CSV export.
# Old command (deprecated)
vault-audit token-operations vault_audit.log
# New command (recommended)
vault-audit token-analysis vault_audit.logSee token_analysis module for full documentation.
Tracks token-related operations to understand token usage patterns and identify entities performing high volumes of token operations. Supports multi-file analysis for long-term trending.
§Usage
# Single file analysis
vault-audit token-operations vault_audit.log
# Week-long analysis
vault-audit token-operations logs/vault_audit.2025-10-*.log§Output
Displays a summary table showing per-entity token operations:
- lookup-self: Token self-inspection operations
- renew-self: Token renewal operations
- revoke-self: Token revocation operations
- create: New token creation
- login: Authentication operations that create tokens
- other: Other token-related operations
Results are sorted by total operations (descending) to identify the most active entities.