How to know user who log into Kibana

harith · January 17, 2022, 10:52am

Hi guys,
I'm new here. Sorry if I'm in wrong category.

My question: How can I know user who log into my Kibana?
Kibana: Free version 7.4.0
Elasticsearch: Free version 7.4.0

What I've already done:

I set <xpack.security.audit.enabled/> to true in Kibana.yml, but nothing happened.
Then, I add
<xpack.security.audit.appender.type: rolling-file> and <xpack.security.audit.appender.fileName: /var/log/auditfile.log> in Kibana yml, my Kibana service unable to start.
I disabled #2 in Kibana.yml
I enabled #1 and #2 in Elasticsearch.yml, but my Elasticsearch service unable to start.

So, what exactly should I do to get user login audit? or I cannot get it in free version?
Appreciate your help.

Thank you

Tomo_M · January 21, 2022, 10:35pm

I suppose audit logging is a feature for some subscription license.

leandrojmp · January 21, 2022, 11:37pm

Audit logging is not available in the basic (free) license.

To see what is available in each license, check the subscriptions page.

One alternative would be to put your Kibana or Elasticsearch behind a proxy and consume the proxy logs.

system · February 18, 2022, 11:38pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
log whoever connects to the kibana web interface Kibana	6	109	February 29, 2024
Audit all users login to kibana Kibana elastic-stack-security	5	2368	February 15, 2021
Auditing for kibana Kibana elastic-stack-security	7	334	March 25, 2022
How many user are logging in to kibana? Kibana	3	299	August 5, 2020
Kibana usage monitoring Kibana elastic-stack-monitoring	5	833	July 29, 2020