I checked documentation and forum but couldn’t easily find anything like this.
We currently have a configuration like this
readonlyrest:
enable: true
# IMPORTANT FOR LOGIN/LOGOUT TO WORK
prompt_for_basic_auth: false
response_if_req_forbidden: "Computer says no!"
audit_collector: true
audit_index_template: "'readonlyrest_audit'-yyyy.MM"
And this logs the audit log to the index.
But also sends the audit log to the elasticsearch.log log file on disk, this is not necessary for me.
Is there a way to remove this from the logfile without having to configure custom log4j settings (like to keep things as much default as possible )
I’m afraidi this will need to wait until next sprint at least. We are busy making ROR work with Kubernetes, there’s a memory leak in YAML parser to be taken care of, and the fields rule optimisations.
I think this can be worked around with a log4j line in the meantime?
We are forwarding the logs to a secondary Elasticsearch and dropping these lines in the Logstash there.
So we have a workaround, I was just curious if this was still on the roadmap.
No rush, no need to hurry (at least not for me)
This task got buried because we had very little bandwidth until last month when we released the rewritten ROR Enterprise. I bumped this to next sprint. Will bubble up during next couple of months.