I have run the insert the data in Elasticsearch through rest call and once I went to Log and metrics inside the elastic cloud GUI ,I am unable to find audit logs , only I am getting server log, Please guide me regarding the same.
Optionally, turn on audit logging to capture security-related events, such as authentication failures, refused connections, and data-access events through the proxy. To turn on audit logging, edit your deployment’s elasticsearch.yml file to add these lines:
xpack.security.audit.enabled: true # xpack.security.audit.logfile.events.include: _all # xpack.security.audit.logfile.events.emit_request_body: true
The last two lines are commented out for now but left there as placeholders to easily turn on in the future. These two settings generate large logs, but can be helpful to turn on temporarily when troubleshooting traffic request bodies.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.