Additional audit logging events #32444
Labels
Comments
|
Pinging @elastic/es-security |
|
UP As System Administrator and Security auditor, I would like to have information about all changes in the role (create/update/delete) in audit log. I would like to see who? and how? changed the role, which permission was (add/changed/deleted) |
This comment has been minimized.
This comment has been minimized.
|
Up, we still waiting for this feature |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
We've seen requests for additional audit logging events:
. Creation of application roles/profiles
. Modification of roles/profiles
. Changes to system security configuration
. Manual change to the non security related configuration which effects service function
. Log integrity events
. Manual log deletion or stoppage
Log integrity and log deletion events may be something we cannot catch, but we'd like to investigate this. Changes to files that are reloaded by the node seem to be something we could log on, as well as API-based changes to security settings.
Thanks!
The text was updated successfully, but these errors were encountered: