Kibana audit logging

Hi,
I'm about to enable audit logging in kibana, but found documentation lacks information, i refer to:
https://www.elastic.co/guide/en/kibana/current/xpack-security-audit-logging.html

It says that the events you can audit are:
saved_objects_authorization_success
saved_objects_authorization_failure

But it does not say how to configure to audit one or both of the events. So question 1 is how do you specify what to audit?

Then it says "Audit logging uses the standard Kibana logging output" so i guess i might get information in logging.dest of the kibana.yml . Second question is that correct? do i get a different file for auditing logging than from normal logging?

thanks

Kibana defers to Elasticsearch for a number of these questions - https://www.elastic.co/guide/en/elasticsearch/reference/7.7/auditing-settings.html

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.