Hi All, I'm new to ELK...how to we get information about user accounts like user account creation or expiration? something similar to a table in Database
I can see _security/user api has only username,fullname,email and roles.
We currently don't record the creation time or update time for users. So there is no way to find them out using APIs. The alternative that I can think of is using audit logs which can log the exact time when the user creation request is issued.
Also as warkolm said, users don't expire. They can be disabled and this status does show in the GetUser API.
API Key uses both creation_time and expiration_time. The security index is shared between different type of documents. Not all fields are used by each of them. That said, in hindsight, we probably would have recorded creation_time for user if API Key was introduced earlier.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.