ELK 7.3

mounikasony · March 11, 2020, 11:39am

how to enable kibana audit logs?
I have made configuration changes xpack.security.audit.enabled= true in elasticsearch.yml .
how do the data write into this file elasticsearch_audit.json with audited events like access_granted, anonymous_access_denied, authentication_failed, connection_denied, tampered_request, run_as_denied, run_as_granted .
Is there anything i missed . please provide me solution

spinscale · March 12, 2020, 10:50am

Audit logging requires a gold or platinum license (or a trial license for testing). Do you have such a license type? See https://www.elastic.co/subscriptions for more information.

mounikasony · March 12, 2020, 11:05am

yes i am using ELK 7.3 version in linux server. I think we are using trial license.
How do i check that ?

spinscale · March 12, 2020, 11:23am

See https://www.elastic.co/guide/en/elasticsearch/reference/7.6/get-license.html

system · April 9, 2020, 11:24am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
How to enable kibana audit logs Kibana elastic-stack-monitoring	11	4693	May 4, 2020
Audit logs on ES 7.16.3 Elasticsearch elastic-stack-security	3	422	March 14, 2022
Audit logging in elasticsearch Elasticsearch	7	424	July 23, 2020
Audit authentication failed Elasticsearch	1	511	February 21, 2020
Elasticsearch Audit not supported, but still got entries Elasticsearch	4	531	January 11, 2021

ELK 7.3

Related topics