How to confirm audit logging is enabled

I had deployed elasticsearch-operator(1.3.0) with elasticsearch 7.9.0 in GKE. I have used below line in my elasticsearch.yaml to enable audit logging: true

As per the documentation(Enabling audit logging | Elasticsearch Guide [7.9] | Elastic), there will be some file "clustername>_audit.json" like this if I do exec into the pod. But I am not able to see that file.

can anyone suggest , is there anything that I need to add.

Can anyone tell whether it will be supporting for free users or only for subscribed users.

Audit logging requires a commercial subscription.

Okay. Thanks @Christian_Dahlqvist for the information.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.