Confluence's audit log is only available via
What would be a good solution to ship these entries to Elasticsearch?
I had a look at the http_poller input plugin.
While it looks like a good candidate, I'd have to re-read all the audit events everytime.
I'd need something like an internal counter so that I could use the query parameter start to limit where the results should begin.
I think I have a possible solution, which is not overcomplicated.
I can use this API to get the records from the last hour for example.
In the http_poller I call this API every hour.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.