FATAL ValidationError: child searchguard fails because audit is not allowed


I need to debug the connection from keycloak to kibana. For that I would like to see all the details about the requests. But when I enable the corresponding settings in kibana.yml:

searchguard.audit.enable_request_details: true

I have following error:

FATAL ValidationError: child "searchguard" fails because ["audit" is not allowed]

How can I enable the logging of incoming request details?


Because it is not a valid option in kibana.yml. Put it in elasticsearch.yml instead. Configuring Audit Logging | Security for Elasticsearch | Search Guard

1 Like

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.