The External Secrets Inc. Audit & Compliance product suite is a premium product. It requires a specific subscription. Contact us for more information.

Audit Listener

Audit Listener is the component responsible for receiving audit logs from external providers and process them into consumable, actionable KPIs. It is also responsible to calculate policies and generate metrics accordingly.

Default Processes

By default, the audit Listener will automatically compute the following information:
  • Duplicates for each secret
  • Duplication Logs for each secret:
    • When a given secret was duplicated, by whom and where was it duplicated
    • When a given secret duplication was normalized (values are now different)
  • Last Rotation for each secret
  • Last Access for each secret
  • Rotation Logs for each secret
  • Access Logs for each secret
  • RBAC Logs for each secret

Extension with Policies

The Audit Listener also supports extending its behavior by allowing it to compute policies on different events. To understand more how policies work, check Policies. Once a new policy is created, the listener will start computing it and store the following information:
  • Which policies a given secret is non compliant to at a given point in time
  • Policy compliance logs for each secret

Listener Architecture

Listener Architecture Listener Architecture More details Coming Soon.