Hi Elasticsearch,
Is there any log in the cluster that I can check for previous operations?
For example like someone accidently delete a document in my cluster. And I would like to find out which document had been deleted. Or what command was accepted by the cluster so that I can revert the change.
I know there is translog in each node. But seems like translog is not permanently existed on the disk. Please advice.
I think you'd need to turn on debug level logging for that sort of thing?
X-pack security (commercial) can do audit logging in cas it helps.
Thanks, are we able to open the audit log for the shield in Elastic Cloud?
No, that isn't possible at this stage.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.