Hi,
I'm about to enable audit logging in kibana, but found documentation lacks information, i refer to:
https://www.elastic.co/guide/en/kibana/current/xpack-security-audit-logging.html
It says that the events you can audit are:
saved_objects_authorization_success
saved_objects_authorization_failure
But it does not say how to configure to audit one or both of the events. So question 1 is how do you specify what to audit?
Then it says "Audit logging uses the standard Kibana logging output" so i guess i might get information in logging.dest of the kibana.yml . Second question is that correct? do i get a different file for auditing logging than from normal logging?
thanks