ELK 7.3

how to enable kibana audit logs?
I have made configuration changes xpack.security.audit.enabled= true in elasticsearch.yml .
how do the data write into this file elasticsearch_audit.json with audited events like access_granted, anonymous_access_denied, authentication_failed, connection_denied, tampered_request, run_as_denied, run_as_granted .
Is there anything i missed . please provide me solution

Audit logging requires a gold or platinum license (or a trial license for testing). Do you have such a license type? See https://www.elastic.co/subscriptions for more information.

yes i am using ELK 7.3 version in linux server. I think we are using trial license.
How do i check that ?

See https://www.elastic.co/guide/en/elasticsearch/reference/7.6/get-license.html

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.