Audit file is empty

Hi, i enabled Audit on all my elasticsearch.yml :

xpack.security.audit.enabled: true

I have already enabled https and transport inside my cluster.

I don't know why my _audit.json file is empty . The owner - group to the file is elasticsearch:elasticsearch

Help thanks :slight_smile:

Audit logging is a Gold and above license feature - https://www.elastic.co/subscriptions

What license level do you have?

Platinum license

You can reach out to your support engineer then, they will be able to help you.

eemh, i'm the engineer, i tried several ways but the file is not populated, i don't know how to fix

Mark meant the elastic support.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.