Audit logging initial state description. (#6570)

* Update index.md Signed-off-by: Pawel Wlodarczyk <pawel.wlodarczyk@eliatra.com> * Update index.md Signed-off-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com> * Apply suggestions from code review Signed-off-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com> --------- Signed-off-by: Pawel Wlodarczyk <pawel.wlodarczyk@eliatra.com> Signed-off-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com> Co-authored-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>
2025-02-08 17:34:41 +00:00 · 2024-03-06 16:39:10 +00:00 · 2024-03-06 16:39:10 +00:00 · 4f6a11f3c7
commit 4f6a11f3c7
parent bfed90f699
1 changed files with 5 additions and 1 deletions
--- a/_security/audit-logs/index.md
+++ b/_security/audit-logs/index.md
@ -26,7 +26,7 @@ redirect_from:
 Audit logs let you track access to your OpenSearch cluster and are useful for compliance purposes or in the aftermath of a security breach. You can configure the categories to be logged, the detail level of the logged messages, and where to store the logs.
-To enable audit logging:
+Audit logging is disabled by default. To enable audit logging:
 1. Add the following line to `opensearch.yml` on each node:
@ -220,3 +220,7 @@ The default setting is `10`. Setting this value to `0` disables the thread pool,
 plugins.security.audit.config.threadpool.max_queue_len: 100000
 ```
 ## Disabling audit logs
 To disable audit logs after they've been enabled, remove the `plugins.security.audit.type: internal_opensearch` setting from `opensearch.yml`, or switch off the **Enable audit logging** check box in OpenSearch Dashboards.