I would just like to get a list of all IPs/hosts currently querying elasticsearch. What would be the best way of getting this information? Would this be possible?
Thanks!
You either need to use Shield with audit indexing, or install some other proxy (nginx/apache) in front.
ES does not capture this data natively.