FATAL ValidationError: child searchguard fails because audit is not allowed

Hi,

I need to debug the connection from keycloak to kibana. For that I would like to see all the details about the requests. But when I enable the corresponding settings in kibana.yml:

searchguard.audit.enable_request_details: true

I have following error:

FATAL ValidationError: child "searchguard" fails because ["audit" is not allowed]

How can I enable the logging of incoming request details?

Thanks

Because it is not a valid option in kibana.yml. Put it in elasticsearch.yml instead. https://docs.search-guard.com/latest/audit-logging-compliance

1 Like

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.