Logging and audit settings

IMPORTANT: This documentation is no longer updated. Refer to Elastic's version policy and the latest documentation.

To update these settings, refer to Add Kibana user settings.

logging.verbose: If set to true, all events are logged, including system usage information and all requests. Defaults to false.
logging.quiet: If set to true, all logging output other than error messages is suppressed. Defaults to false.
elasticsearch.logQueries: When set to true, queries sent to Elasticsearch are logged (requires logging.verbose set to true). Defaults to false.
xpack.security.audit.enabled: When set to true, audit logging is enabled for security events. Defaults to false.
xpack.security.audit.appender.type: When set to "rolling-file" and xpack.security.audit.enabled is set to true, Kibana ECS audit logs are enabled. Beginning with version 8.0, this setting is no longer necessary for ECS audit log output; it’s only necessary to set xpack.security.audit.enabled to true
xpack.security.audit.ignore_filters: List of filters that determine which audit events should be excluded from the ECS audit log.
xpack.security.audit.appender.kind: When set to "rolling-file" and xpack.security.audit.enabled is set to true, Kibana ECS audit logs are enabled.