Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Ingest structured Elasticsearch audit log using Filebeat #8831

Closed
ycombinator opened this issue Oct 30, 2018 · 4 comments
Closed

Ingest structured Elasticsearch audit log using Filebeat #8831

ycombinator opened this issue Oct 30, 2018 · 4 comments
Labels
enhancement Filebeat Filebeat needs_team Indicates that the issue/PR needs a Team:* label Stalled

Comments

@ycombinator
Copy link
Contributor

Starting with elastic/elasticsearch#31931, Elasticsearch is able to emit structured audit logs. The current elasticsearch/audit fileset in Filebeat knows how to ingest the semi-structured audit logs. We need to add support for the structured audit logs as well.
@ycombinator
Copy link
Contributor Author

/cc @albertzaharovits @ruflin

@ycombinator
Copy link
Contributor Author

Also /cc @elastic/es-security for broad visibility

@ycombinator ycombinator mentioned this issue Oct 31, 2018
Merged
@jaymode jaymode mentioned this issue Nov 27, 2018
Closed
@albertzaharovits albertzaharovits mentioned this issue Dec 4, 2018
Open
@botelastic
Copy link

botelastic bot commented Jul 8, 2020

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

@botelastic botelastic bot added Stalled needs_team Indicates that the issue/PR needs a Team:* label labels Jul 8, 2020
@botelastic
Copy link

botelastic bot commented Jul 8, 2020

This issue doesn't have a Team:<team> label.

@botelastic botelastic bot closed this as completed Aug 7, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement Filebeat Filebeat needs_team Indicates that the issue/PR needs a Team:* label Stalled
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@ycombinator