I need to find a way to track user activity inside the Elastic Cloud. So in case the user hasn't logged in for a certain time we may get a sort of alert about it.
So far I've found this auditing article, but not only am I unaware of how to set it in the cloud, it seems it hasn't been updated for quite some time.
So I would like some help in exploring my options in this case.
Would it be possible to have these logs shipped into a basic license cluster?
I'm not sure I could have another dedicated cluster on cloud just for this, but if I could have a simpler one just so I could monitor these activities it might work for me.
Elastic Cloud only ships logs to Elastic Cloud clusters.
You can ship them back to the same cluster. It's just not considered best practice because that will put load on the primary cluster, but that's absolutely possible.