Tail Vault auth logs


You would like to tail the Vault auth log files, but if you use the vault tag for auditing and your server is also named vault, you cannot filter out the vault auth logs only.


Use the client_login as the filter in grep:

ubuntu@vault1:~$ sudo tail -f /var/log/auth.log | grep 'client_token'