-
Notifications
You must be signed in to change notification settings - Fork 24.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Rename _audit.log to _audit.json #37916
Conversation
Pinging @elastic/es-core-infra |
Pinging @elastic/es-security |
@ycombinator what do you think, is this necessary for consistency from the ingest perspective? |
Strictly speaking, it's not necessary from an Ingest perspective as Filebeat can uniquely target |
Understood, thank you @ycombinator for the input! |
Thank you for tackling this one too @pgomulka ! I am OK with the change. I vaguely remember some qa sql tests parsing the audit log so you might encounter some CI failures. In addition I think a breaking change notice is in order. I am not quite sure where to file it, but maybe @lcawl can help? I am thinking, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
@elasticmachine run elasticsearch-ci/2 |
@elasticmachine run elasticsearch-ci/1 |
@elasticmachine run elasticsearch-ci/docs-check |
As a follow up from discussion comment
in order to keep json logs consistent the security aduit logs are renamed from
.log
to.json
relates #32850