Purpose of enable: true at configuration top level

audit_collector: true is set but nothing is being written to the index, readonlyrest* indices are 0

xpack.security.enabled: false is set.
Elasticsearch 7.3.2

Probably a separate question but i also note that enabled: false seems to have no effect.

Am i missing something here, any suggestions where I could check?

My configuration is otherwise working fine

Hello @FunkyAlex!

Please can you share the whole, sanitised readonlyrest.yml?
Also the boot log of Elasticsearch.

Isn’t logging controlled at individual ACL block level? Do you have that set to error/info (whatever you need it to be) for different ACL block?


1 Like

@askids let’s see also from the ES logs if the plugin is actually loading correctly, at this point.