Audit Log index

li_jessen2016 · January 22, 2019, 8:20am

xpack.security.audit.outputs

Specifies where audit logs are output. For example: [ index, logfile ] . The default value is logfile , which puts the auditing events in a dedicated file named <clustername>_audit.log on each node. You can also specify index , which puts the auditing events in an Elasticsearch index that is prefixed with .security_audit_log . The index can reside on the same cluster or a separate cluster.

what does index mean here? A collection of documents?

system · February 19, 2019, 8:20am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Xpack.security.audit.outputs: [ index, logfile ] in 7.x? Elasticsearch	1	751	February 6, 2020
How to index Elasticsearch security audit events in 7.0? Elasticsearch	1	312	May 17, 2019
Audit logs doc error or I'm confused Elasticsearch elastic-stack-security	2	384	April 23, 2019
Audit logs on ES 7.16.3 Elasticsearch elastic-stack-security	3	422	March 14, 2022
Xpack.Security.Audit.Index-Information Elasticsearch elastic-stack-security	3	353	July 11, 2019

Audit Log index

Related topics