Reduce similar log entries in Kibana log


(Nandha Krishna) #1

I recently activated the logging.dest in the kibana.yml. The reason for doing that is I wanted to check details of who logged into Kibana through xpack. But the problem is that kibana audit logs get filled so much that even a little activity in the Kibana UI gets logged. Is there any way to reduce the amount of logging so that I can capture only the login details of a certain user and not every activity by the users?

Thanks.


(Lukas Olson) #2

Unfortunately, I don't believe there is an option to configure the logging to only log login attempts. You can, however, only log errors by setting logging.quiet: true. Do you have access to configure the logging in Elasticsearch? If so, you may be able to see any authentication attempts, as well as limit it to success or failures. More info here: https://www.elastic.co/guide/en/x-pack/6.2/auditing.html


(system) #3

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.