I have enabled audit logging (which I believe was enabled by default anyways) using the following configuration in my
opendistro_security.audit.type: internal_elasticsearch opendistro_security.audit.enable_rest: true opendistro_security.audit.enable_transport: true
However, whenever I attempt to log into the Kibana interface (successfully using LDAP or using a local admin account), a single event gets logged with:
audit_category: FAILED_LOGIN audit_request_effective_user: <NONE> ...
Does anyone have any idea why this is?