diff --git a/plugin/src/main/java/org/elasticsearch/xpack/security/audit/AuditTrail.java b/plugin/src/main/java/org/elasticsearch/xpack/security/audit/AuditTrail.java
index 58d7dafac50..0bfc1d75542 100644
--- a/plugin/src/main/java/org/elasticsearch/xpack/security/audit/AuditTrail.java
+++ b/plugin/src/main/java/org/elasticsearch/xpack/security/audit/AuditTrail.java
@@ -6,10 +6,10 @@
package org.elasticsearch.xpack.security.audit;
import org.elasticsearch.rest.RestRequest;
-import org.elasticsearch.transport.TransportMessage;
+import org.elasticsearch.xpack.security.user.User;
import org.elasticsearch.xpack.security.authc.AuthenticationToken;
import org.elasticsearch.xpack.security.transport.filter.SecurityIpFilterRule;
-import org.elasticsearch.xpack.security.user.User;
+import org.elasticsearch.transport.TransportMessage;
import java.net.InetAddress;
diff --git a/plugin/src/main/java/org/elasticsearch/xpack/security/audit/AuditTrailService.java b/plugin/src/main/java/org/elasticsearch/xpack/security/audit/AuditTrailService.java
index 5882eb84be7..8b7868caad6 100644
--- a/plugin/src/main/java/org/elasticsearch/xpack/security/audit/AuditTrailService.java
+++ b/plugin/src/main/java/org/elasticsearch/xpack/security/audit/AuditTrailService.java
@@ -5,6 +5,10 @@
*/
package org.elasticsearch.xpack.security.audit;
+import java.net.InetAddress;
+import java.util.Collections;
+import java.util.List;
+
import org.elasticsearch.common.component.AbstractComponent;
import org.elasticsearch.common.settings.Settings;
import org.elasticsearch.license.XPackLicenseState;
@@ -14,10 +18,6 @@ import org.elasticsearch.xpack.security.authc.AuthenticationToken;
import org.elasticsearch.xpack.security.transport.filter.SecurityIpFilterRule;
import org.elasticsearch.xpack.security.user.User;
-import java.net.InetAddress;
-import java.util.Collections;
-import java.util.List;
-
public class AuditTrailService extends AbstractComponent implements AuditTrail {
private final XPackLicenseState licenseState;
diff --git a/plugin/src/main/java/org/elasticsearch/xpack/security/audit/logfile/LoggingAuditTrail.java b/plugin/src/main/java/org/elasticsearch/xpack/security/audit/logfile/LoggingAuditTrail.java
index 13789b6aac2..af4bbb63bae 100644
--- a/plugin/src/main/java/org/elasticsearch/xpack/security/audit/logfile/LoggingAuditTrail.java
+++ b/plugin/src/main/java/org/elasticsearch/xpack/security/audit/logfile/LoggingAuditTrail.java
@@ -279,7 +279,6 @@ public class LoggingAuditTrail extends AbstractComponent implements AuditTrail,
if (events.contains(ACCESS_DENIED)) {
String indices = indicesString(message);
final LocalNodeInfo localNodeInfo = this.localNodeInfo;
-
if (indices != null) {
logger.info("{}[transport] [access_denied]\t{}, {}, roles=[{}], action=[{}], indices=[{}], request=[{}]",
localNodeInfo.prefix, originAttributes(threadContext, message, localNodeInfo), principal(user),
diff --git a/plugin/src/main/java/org/elasticsearch/xpack/security/authz/IndicesAndAliasesResolver.java b/plugin/src/main/java/org/elasticsearch/xpack/security/authz/IndicesAndAliasesResolver.java
index 85b6c5ee0fd..9bba9dfa503 100644
--- a/plugin/src/main/java/org/elasticsearch/xpack/security/authz/IndicesAndAliasesResolver.java
+++ b/plugin/src/main/java/org/elasticsearch/xpack/security/authz/IndicesAndAliasesResolver.java
@@ -5,6 +5,18 @@
*/
package org.elasticsearch.xpack.security.authz;
+import java.net.InetSocketAddress;
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.HashSet;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+import java.util.SortedMap;
+import java.util.concurrent.CopyOnWriteArraySet;
+import java.util.stream.Collectors;
+
import org.elasticsearch.action.AliasesRequest;
import org.elasticsearch.action.IndicesRequest;
import org.elasticsearch.action.admin.indices.alias.IndicesAliasesRequest;
@@ -27,18 +39,6 @@ import org.elasticsearch.transport.RemoteClusterAware;
import org.elasticsearch.transport.TransportRequest;
import org.elasticsearch.xpack.graph.action.GraphExploreRequest;
-import java.net.InetSocketAddress;
-import java.util.ArrayList;
-import java.util.Arrays;
-import java.util.Collections;
-import java.util.HashSet;
-import java.util.List;
-import java.util.Map;
-import java.util.Set;
-import java.util.SortedMap;
-import java.util.concurrent.CopyOnWriteArraySet;
-import java.util.stream.Collectors;
-
public class IndicesAndAliasesResolver {
//placeholder used in the security plugin to indicate that the request is authorized knowing that it will yield an empty response
@@ -84,6 +84,7 @@ public class IndicesAndAliasesResolver {
*
* Otherwise, N will be added to the local index list.
*/
+
public ResolvedIndices resolve(TransportRequest request, MetaData metaData, AuthorizedIndices authorizedIndices) {
if (request instanceof IndicesAliasesRequest) {
ResolvedIndices indices = ResolvedIndices.empty();
diff --git a/plugin/src/test/java/org/elasticsearch/xpack/security/audit/AuditTrailServiceTests.java b/plugin/src/test/java/org/elasticsearch/xpack/security/audit/AuditTrailServiceTests.java
index 385fb350027..8b7aa2bc46b 100644
--- a/plugin/src/test/java/org/elasticsearch/xpack/security/audit/AuditTrailServiceTests.java
+++ b/plugin/src/test/java/org/elasticsearch/xpack/security/audit/AuditTrailServiceTests.java
@@ -6,14 +6,14 @@
package org.elasticsearch.xpack.security.audit;
import org.elasticsearch.common.settings.Settings;
-import org.elasticsearch.license.XPackLicenseState;
import org.elasticsearch.rest.RestRequest;
-import org.elasticsearch.test.ESTestCase;
-import org.elasticsearch.transport.TransportMessage;
+import org.elasticsearch.license.XPackLicenseState;
+import org.elasticsearch.xpack.security.user.User;
import org.elasticsearch.xpack.security.authc.AuthenticationToken;
import org.elasticsearch.xpack.security.transport.filter.IPFilter;
import org.elasticsearch.xpack.security.transport.filter.SecurityIpFilterRule;
-import org.elasticsearch.xpack.security.user.User;
+import org.elasticsearch.test.ESTestCase;
+import org.elasticsearch.transport.TransportMessage;
import org.junit.Before;
import java.net.InetAddress;
diff --git a/plugin/src/test/java/org/elasticsearch/xpack/security/audit/index/IndexAuditTrailMutedTests.java b/plugin/src/test/java/org/elasticsearch/xpack/security/audit/index/IndexAuditTrailMutedTests.java
index ea9093bb81f..8936fedcf83 100644
--- a/plugin/src/test/java/org/elasticsearch/xpack/security/audit/index/IndexAuditTrailMutedTests.java
+++ b/plugin/src/test/java/org/elasticsearch/xpack/security/audit/index/IndexAuditTrailMutedTests.java
@@ -5,6 +5,11 @@
*/
package org.elasticsearch.xpack.security.audit.index;
+import java.net.InetAddress;
+import java.util.concurrent.BlockingQueue;
+import java.util.concurrent.LinkedBlockingQueue;
+import java.util.concurrent.atomic.AtomicBoolean;
+
import org.elasticsearch.action.Action;
import org.elasticsearch.action.ActionListener;
import org.elasticsearch.action.ActionRequest;
@@ -30,11 +35,6 @@ import org.elasticsearch.xpack.security.user.User;
import org.junit.After;
import org.junit.Before;
-import java.net.InetAddress;
-import java.util.concurrent.BlockingQueue;
-import java.util.concurrent.LinkedBlockingQueue;
-import java.util.concurrent.atomic.AtomicBoolean;
-
import static org.hamcrest.Matchers.is;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.verifyZeroInteractions;
diff --git a/plugin/src/test/java/org/elasticsearch/xpack/security/audit/index/IndexAuditTrailTests.java b/plugin/src/test/java/org/elasticsearch/xpack/security/audit/index/IndexAuditTrailTests.java
index 484b0e7acf0..f84713063e4 100644
--- a/plugin/src/test/java/org/elasticsearch/xpack/security/audit/index/IndexAuditTrailTests.java
+++ b/plugin/src/test/java/org/elasticsearch/xpack/security/audit/index/IndexAuditTrailTests.java
@@ -524,7 +524,7 @@ public class IndexAuditTrailTests extends SecurityIntegTestCase {
assertThat((Iterable) sourceMap.get(IndexAuditTrail.Field.ROLE_NAMES), containsInAnyOrder(role));
if (message instanceof IndicesRequest) {
List