How to find which IP most requests to elasticsearch come from?

Hello friends, my Elasticsearch server is constantly receiving requests from other IPs. Is it possible to find out from which IP the most requests are received? Any ideas will help me thank you in advance.

You will need subscription to enable audit logs

Isn't there any other solution? Using monitoring for example ?

by the way thank you for your reply :slight_smile:

You could do this with Packetbeat listening on the HTTP port, but it's all DIY.

@warkolm I'm so sory but I didnt understandt this sentence but it's all DIY. What does it mean DIY ?

Do it yourself, there's no packaged module for it.

Do you think I should proceed by following this path?

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.