I am using a trial license to try the IP filtering and security audit features (using version 8.0.0), but it's not working.
I added this configuration to my elasticsearch.yml file:
I tried to deny my IP address and it didn't work, so I decided to try to deny everything, and that didn't work either.
And for the auditing, I am not seeing any *_audit.json file!
Could you please tell me whether auditing and IP filtering don't work with the trial license, or whether I am doing something wrong in my configuration?
Thanks for your help
For historical reasons, you must explicitly set
xpack.security.enabled: true for
UPDATE: The auditing is working now; only IP filtering is still not working.
Thanks for your answer @Albert_Zaharovits,
I am already using
Here is my whole configuration:
xpack.security.transport.ssl.certificate_authorities: [ "ca.crt" ]
#===============Encryption between Elastic and kibana================
#===================== Monitoring =========================
#================= Test audit and IP filtering ====================
Elasticsearch 8 hasn't been released yet. Can you clarify exactly what you're running?
I am trying Elasticsearch 8.0.0 from source (GitHub) to find out whether there are significant updates in the SIEM section, as that is what I use Elastic for, and then I will wait for the release to update my cluster.
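
An elasticsearch.yml fragment for the two features discussed in this thread, added here as an illustration. It is not the poster's configuration, which the page does not preserve, and the IP addresses in it are constructed placeholders.

```yaml
# elasticsearch.yml (added example, not taken from the thread)

# Security features must be switched on explicitly, as the reply above says.
xpack.security.enabled: true

# Audit logging. Events are written to <clustername>_audit.json
# in the Elasticsearch logs directory.
xpack.security.audit.enabled: true

# IP filtering is configured separately per layer:
#   transport = node-to-node traffic (default port 9300)
#   http      = REST clients such as Kibana or curl (default port 9200)
# A rule on one layer has no effect on connections to the other.

# Transport layer: allow loopback, deny one specific host.
xpack.security.transport.filter.allow: [ "127.0.0.1", "::1" ]
xpack.security.transport.filter.deny: [ "192.0.2.10" ]   # constructed address (TEST-NET-1)

# HTTP layer: allow loopback only; _all denies every address
# that is not explicitly allowed.
xpack.security.http.filter.allow: [ "127.0.0.1", "::1" ]
xpack.security.http.filter.deny: _all
```

With auditing enabled, a connection rejected by an IP filter is recorded in the audit log as a connection_denied event, which is a direct way to confirm that a rule is being applied.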