- 필수 기능
- 앱 내
- 서비스 관리
- 인프라스트럭처
- 애플리케이션 성능
- 디지털 경험
- 소프트웨어 제공
- 보안
- 로그 관리
- 관리
- 인프라스트럭처
- ci
- containers
- csm
- ndm
- otel_guides
- overview
- slos
- synthetics
- tests
- 워크플로
Set up the vault integration.
Detect when a vault root token is used. Root tokens can perform any activity and have the highest level of privileges in Vault and should only be used in emergencies.
This rule monitors Vault Audit Logs (source:vault
) to detect when root
is seen in:
@auth.policies
)This rule also monitors the API endpoint /sys/generate-root
which is used to create new root keys.
vault token lookup -accessor <accessor>
.vault token revoke -accessor <token>
).