How to trace/log all delete action

Michael_Oullion · May 4, 2021, 9:24am

Hi,
I have a shared ELK in my Enterprise and we need to trace/log 2 type of action :

I try without success with Audit and slowlog.
Is there a way to have this information?

Regards,
Mike.
PS : ELK 7.5.1 with Basic License

dadoonet · May 4, 2021, 9:44am

Audit log is the easiest way to go IMO but you need a Gold+ license (Subscriptions | Elastic Stack Products & Support | Elastic).

Otherwise you can:

May be others have nice ideas?

system · June 1, 2021, 9:44am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Logging DELETE query in logs Elasticsearch	1	473	May 24, 2021
How can i take user action in elasticsearch or kibana Elasticsearch	2	314	May 27, 2020
Tracking document updates and deletions with Audit Logging Elasticsearch	0	47	July 11, 2024
Slow deletes Elasticsearch	5	3277	July 5, 2017
Watcher delete document action Elasticsearch elastic-stack-alerting	2	648	August 17, 2022