Kibana Audit Logs

Can anyone tell me if the Kibana audit logs are also included in the security audit logs stored by Open Distro when configuring elasticsearch.yml as per Audit Logs - Open Distro Documentation?

X-Pack documentation refers to Kibana audit logs as a separate thing that needs to be configured through kibana.yml (Audit logs | Kibana Guide [8.4] | Elastic). Is it the same with Open Distro? Are they also only sent to stdout by default?

Or can I set opendistro_security.audit.type directly in kibana.yml?

My end goal is to store all audit logs in an external store, either Azure Blob Storage or Azure Log Analytics. I think I may be able to achieve that using a custom log4j appender for the Elasticsearch logs, but I need to know if I need to find a way to also do this for Kibana.


@khris_tian Which Kibana audit log are you referring to? The security plugin comes with an audit log, which is stored in a separate index; external configuration is possible. This covers all access to Kibana, protected indices, etc. But I'm not sure what you mean by Kibana audit log. Is it the usual log from Kibana?