Our ELK has 10 users like, A, B, C, D.
I want to monitor user action by log.
However, our system uses 'Basic' license so we can't log user action to log when i activate the audit configuration.
So is there any other method to monitor user action?
I want to see like below information.
ex) A, GET, /index/mominoting................
May be you can add a reverse proxy on top of elasticsearch like nginx, then install filebeat to monitor the logs and send them to elasticsearch?
Not sure how complicated is that and if you can actually do it but that's the only idea I had so far.
May be others will have better thoughts?
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.