Report on user and the role


I am thinking to create a report about user and the role granted.

I know I can run following script in Console to get the list of role mapping, but is there a way to index it so that i can create a Discover or Visualize report ?
GET _security/role_mapping

Or does the audit log keep track of:

  1. the person who grant role / access to user? What role being granted ?
  2. list of user and the role granted?


You could create a LogStash pipeline to ingest the data. Unfortunately, I don't think the elasticsearch input would work as this uses the Search API of Elasticsearch. But you could use the http_poller to poll the role_mapping API.
You could even enhance that data by using the http filter to add the role definition to the document before storing it in ElasticSearch.
Also, you might have internal users which are managed within Kibana so you might want to add the internal users with this role to the document using a separate http filter.

Best regards

Thanks to Wolfram. That's what i am looking for.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.