Bird
Raised Fist0

After enabling audit logging, no audit index is created. What might be wrong?

medium📝 Troubleshoot Q7 of Q15
Elasticsearch - Security
After enabling audit logging, no audit index is created. What might be wrong?
AAudit logging is only for log files, not indices
Bxpack.security.audit.enabled is set to false
CAudit logging outputs do not include 'index'
DThe cluster has no data nodes
Step-by-Step Solution
Solution:

  1. Step 1: Understand audit outputs

    Audit events go only to configured outputs like 'index' or 'logfile'.

  2. Step 2: Check outputs setting

    If 'index' is missing, no audit index will be created.

  3. Final Answer:

    Audit logging outputs do not include 'index' -> Option C

  4. Quick Check:

    Audit index created only if 'index' output enabled [OK]
Quick Trick: Include 'index' in outputs to create audit index [OK]
Common Mistakes:
MISTAKES
  • Assuming audit index always created
  • Confusing audit logging with general indexing

Want More Practice?

15+ quiz questions · All difficulty levels · Free

Free Signup - Practice All Questions
More Elasticsearch Quizzes
Advanced Patterns - Percolate queries (reverse search) - Quiz 1easy Advanced Patterns - Point-in-time API - Quiz 10hard Cluster Management - Node roles (master, data, ingest) - Quiz 4medium ELK Stack Integration - Why ELK stack provides observability - Quiz 2easy ELK Stack Integration - Machine learning anomaly detection - Quiz 8hard ELK Stack Integration - Why ELK stack provides observability - Quiz 12easy Performance and Scaling - Why performance tuning handles growth - Quiz 3easy Performance and Scaling - Bulk indexing optimization - Quiz 10hard Security - Encryption in transit and at rest - Quiz 9hard Security - Authentication basics - Quiz 3easy