Kibana audit logging

mtudisco · June 12, 2020, 7:50pm

Hi,
I'm about to enable audit logging in kibana, but found documentation lacks information, i refer to:
https://www.elastic.co/guide/en/kibana/current/xpack-security-audit-logging.html

It says that the events you can audit are:
saved_objects_authorization_success
saved_objects_authorization_failure

But it does not say how to configure to audit one or both of the events. So question 1 is how do you specify what to audit?

Then it says "Audit logging uses the standard Kibana logging output" so i guess i might get information in logging.dest of the kibana.yml . Second question is that correct? do i get a different file for auditing logging than from normal logging?

thanks

mattkime · June 16, 2020, 6:27pm

Kibana defers to Elasticsearch for a number of these questions - https://www.elastic.co/guide/en/elasticsearch/reference/7.7/auditing-settings.html

system · July 14, 2020, 6:27pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
How many user are logging in to kibana? Kibana	3	299	August 5, 2020
How to enable kibana audit logs Kibana elastic-stack-monitoring	11	4693	May 4, 2020
Kibana usage monitoring Kibana elastic-stack-monitoring	5	833	July 29, 2020
Kibana Access logs Kibana	2	3052	July 7, 2021
Collect logs about users logging in to Kibana Kibana	4	8088	December 13, 2019

Kibana audit logging

Related topics