Expand description
Entity gaps analysis command.
Identifies operations that occur without an associated entity ID, which can indicate unauthenticated requests or system operations. Supports multi-file analysis for comprehensive coverage.
§Usage
# Single file
vault-audit entity-gaps audit.log
# Multi-day analysis
vault-audit entity-gaps logs/vault_audit.*.log§Output
Displays operations grouped by path that have no entity ID:
- Request path
- Total operations count
- Common operations (read, write, list, etc.)
Helps identify:
- Public endpoints (health checks, metrics)
- System operations
- Potential authentication issues
- Unauthenticated access patterns