Specifies where audit logs are output. For example:
[ index, logfile ] . The default value is
logfile , which puts the auditing events in a dedicated file named
<clustername>_audit.log on each node. You can also specify
index , which puts the auditing events in an Elasticsearch index that is prefixed with
.security_audit_log . The index can reside on the same cluster or a separate cluster.
what does index mean here? A collection of documents?