Delete: xpack.security.audit.index

eramitsinha · October 12, 2017, 5:08pm

Hi,

I am using Elastic Search 5.2.2, Kibana 5.2.2 and X-Pack 5.2.2

I have enabled auditing on my cluster, so this is working fine as I could see ".security_audit_log" index are getting generated.

But would like to understand is there any mechanism to archieve and delete Audit Indexes.

Similar to monitoring mechanism(xpack.monitoring.history.duration)

Thanks,
Amit Sinha.

TimV · October 13, 2017, 1:26am

There is nothing built-in to X-Pack for this. You can use curator to automate the removal of indices.

eramitsinha · October 13, 2017, 5:09pm

Thank You.

Topic		Replies	Views
Deleting index for security audit log? Elasticsearch	1	853	June 13, 2017
Index delete by x-pack Elasticsearch	3	408	May 17, 2018
Audit logs or other way to ensure integrity of the logs Elastic Cloud on Kubernetes (ECK)	3	1034	November 4, 2022
Xpack.security.audit.outputs: [ index, logfile ] in 7.x? Elasticsearch	1	816	February 6, 2020
Automatically removing index Elasticsearch	3	14347	December 6, 2017