How to trace/log all delete action

Michael_Oullion · May 4, 2021, 9:24am

Hi,
I have a shared ELK in my Enterprise and we need to trace/log 2 type of action :

I try without success with Audit and slowlog.
Is there a way to have this information?

Regards,
Mike.
PS : ELK 7.5.1 with Basic License

dadoonet · May 4, 2021, 9:44am

Audit log is the easiest way to go IMO but you need a Gold+ license (Subscriptions | Elastic Stack Products & Support | Elastic).

Otherwise you can:

May be others have nice ideas?

system · June 1, 2021, 9:44am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Tracking document updates and deletions with Audit Logging Elasticsearch	0	44	July 11, 2024
Logging inserts and deletion Elasticsearch	1	287	April 9, 2019
Detecting deletes Elasticsearch elastic-stack-security	4	1506	December 15, 2020
Elasticsearch 6.3.2 the index is automatically deleted Elasticsearch	11	2777	September 10, 2018
How to delete elasticsearch logs? Elasticsearch	17	12772	May 4, 2022