Esta página aún no está disponible en su idioma local. Estamos trabajando arduamente para agregar más versiones de idiomas. Gracias por tu apoyo.
- What's New
- Function Overview
- Service Overview
- Getting Started
-
User Guide
- Getting Started
- Creating and Accessing a Cluster
- Scaling In/Out a Cluster
- Upgrading Versions
- Importing Data to Elasticsearch
-
Managing Elasticsearch Clusters
- Cluster and Storage Capacity Statuses
- Introduction to the Cluster List
- Index Backup and Restoration
- Binding an Enterprise Project
- Restarting a Cluster
- Migrating Cluster Data
- Deleting a Cluster
- Managing Tags
- Public Network Access
- Managing Logs
- Managing Plugins
- Hot and Cold Data Storage
- Configuring Parameters
- VPC Endpoint Service
- Kibana Public Access
- Vector Retrieval
- Working with Kibana
- Elasticsearch SQL
- Connecting a Cluster to a Dedicated Load Balancer
- Enhanced Features
- Monitoring
- Auditing
- Change History
- Best Practices
-
API Reference
- Before You Start
- API Overview
- Calling APIs
- Getting Started
-
Cluster Management
- Creating a cluster
- Querying the Cluster List
- Querying Cluster Details
- Deleting a Cluster
- Renaming a Cluster
- Changing the Password of a Cluster
- Restarting a Cluster
- Scaling Out a Cluster
- Adding Instances and Expanding Instance Storage Capacity
- Changing Specifications
- Obtaining the Instance Specifications List
- Querying All Tags
- Querying Tags of a Specified Cluster
- Adding Tags to a Cluster
- Deleting a Cluster Tag
- Adding or Deleting Cluster Tags in Batches
- Changing the Specifications of a Specified Node Type
- Scaling In a Cluster by Removing a Specific Node
- Scaling In Nodes of a Specific Type
- Downloading a Security Certificate
- Replacing a Node
- Configuring the Security Mode.
- Adding Independent Masters and Clients
- Changing the Security Group
- Kibana Public Network Access
- Log Management
- Public Network Access
-
Snapshot Management
- (Not Recommended) Automatically Setting Basic Configurations of a Cluster Snapshot
- Modifying Basic Configurations of a Cluster Snapshot
- Manually Creating a Snapshot
- Restoring a Snapshot
- Deleting a Snapshot
- Configuring the Automatic Snapshot Creation Policy
- Querying the Automatic Snapshot Creation Policy
- Querying a Snapshot List
- Disabling the Snapshot Function
- VPC Endpoint
- Parameter Configuration
- Common Parameters
- Change History
- SDK Reference
-
FAQs
- General Consulting
-
Accessing CSS Clusters
- How Do I Reset the Administrator Password of a Security-mode Cluster in CSS?
- Are Ports 9200 and 9300 Open for Access to Elasticsearch Clusters?
- How Do I Use a NAT Gateway to Access CSS from the Internet?
- How Do I Connect In-house Developed Kibana to an Elasticsearch Cluster in CSS?
- How Do I Connect In-house Developed OpenSearch Dashboards to an OpenSearch Cluster in CSS?
- Migrating CSS Clusters
-
Using CSS Cluster Search Engines
- Why Are Newly Created Index Shards Allocated to a Single Node in CSS?
- How Do I Create a Type Under an Index in an Elasticsearch 7.x Cluster of CSS?
- How Do I Change the Number of Replicas for Elasticsearch Indexes in CSS?
- What Are the Impacts If an Elasticsearch Cluster of CSS Has Too Many Shards?
- How Do I Check the Number of Shards and Replicas in a CSS Cluster?
- What Does the Value i for node.roles Mean for Nodes in an Elasticsearch Cluster of CSS?
- How Do I Change the Maximum Number of Results Returned for Searches to an Index in an Elasticsearch Cluster of CSS?
- How Do I Update Index Lifecycle Policies for an Elasticsearch Cluster of CSS?
- How Do I Set Slow Query Log Thresholds for an Elasticsearch Cluster of CSS?
- How Do I Clear Elasticsearch Indexes in CSS?
- How Do I Clear Elasticsearch Cache in CSS?
- Why Does the Disk Usage Increase After the delete_by_query Command Was Executed to Delete Data in an Elasticsearch Cluster?
- Do CSS Elasticsearch Clusters Support script dotProduct?
-
Managing CSS Clusters
- How Do I Check the AZ Where a CSS Cluster Is Located?
- What Is the Relationship Between the Filebeat Version and Cluster Version in CSS?
- How Do I Obtain the Security Certificate of CSS?
- How Do I Convert the Format of a CER Security Certificate in CSS?
- Can I Modify the Security Group for Elasticsearch and OpenSearch Clusters in CSS?
- How Do I Set search.max_buckets for an Elasticsearch Cluster of CSS?
- Can I Modify the TLS Algorithm of an Elasticsearch or OpenSearch Cluster in CSS?
- How Do I Enable Audit Logs for an Elasticsearch or OpenSearch Cluster of CSS?
- Can I Stop a CSS Cluster?
- How Do I Query the Index Size on OBS After the Freezing of Indexes for a CSS Cluster?
- How Do I Check the List of Default Plugins for Elasticsearch and OpenSearch Clusters?
- CSS Cluster Backup and Restoration
- CSS Cluster Monitoring and O&M
- Troubleshooting
- Videos
On this page
Show all
Help Center/
Cloud Search Service/
FAQs/
Managing CSS Clusters/
How Do I Enable Audit Logs for an Elasticsearch or OpenSearch Cluster of CSS?
How Do I Enable Audit Logs for an Elasticsearch or OpenSearch Cluster of CSS?
Updated on 2024-12-02 GMT+08:00
Audit logs are disabled for Elasticsearch clusters by default.
Audit logs can be enabled for security-mode Elasticsearch 7.6.2 clusters as well as security-mode OpenSearch clusters.
- Log in to the CSS management console.
- In the navigation pane, choose Clusters. The cluster list is displayed.
- Click the name of the target cluster to go to the cluster details page.
- In the navigation pane on the left, choose Parameter Configurations. Click Edit, expand the Customize parameter, and click Add.
- For an Elasticsearch cluster, set Key to opendistro_security.audit.type and Value to internal_elasticsearch.
- For an OpenSearch cluster, set Key to plugins.security.audit.type and Value to internal_opensearch.
Figure 1 Configuring a custom parameter
- After the change is complete, click Submit.In the displayed Submit Configuration dialog box, select the box indicating "I understand that the modification will take effect after the cluster is restarted." and click Yes.
If the Status is Succeeded in the parameter change list, the change has been saved.
- Return to the cluster list and choose More > Restart in the Operation column to restart the cluster and make the change take effect.
- After the cluster is restarted, click Access Kibana in the Operation column. On the displayed page, enter the username and password. The Dev Tools page is displayed.
- In the Console page, run the GET _cat/indices?v command. If there are indexes related to .*audit*, the audit log function is enabled.
Parent topic: Managing CSS Clusters
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.
The system is busy. Please try again later.