Audit logs doc error or I'm confused

I added
xpack.security.audit.enabled: true
to my elasticsearch.yml

I expected to see cluster-name_audit.log, but I found cluster_name_access.log. I finally found a doc explaining there should be both files, but I can't find any audit.log.

I guess the files would be the same, just duplicated?

The name of the audit log file was changed to <clustername>_index.log in version 6.5. Before that, the file was named <clustername>_access.log, but we kept the old file name around for compatibility reasons.

As mentioned in the doc you linked above (which is for version 6.6):

For backwards compatibility reasons, a file named <clustername>_access.log is also generated.

This means that since you only see <clustername>_access.log, you are probably running Elasticsearch on a version before 6.5 and there is nothing wrong, or nothing more you need to do.
