Exclude user from security audit logging? (logstash's elasticsearch output user)


(Myles) #1

Hey Guys,

I would be very interested in a way to exclude the user I use to authenticate my elasticsearch output in logstash from the security auditing feature. The auditing is very helpful and I want all the audit events turned on. The problem is when I have 10k EPS coming from my logstash cluster into my elasticsearch cluster with each bulk operation being audit logged. Is there either a way to exclude users from audit logging or just a better way to output to elasticsearch from logstash to avoid the audit logging of said operation in the first place?


(system) #2

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.