Odd API requests after upgrade to 2.11.1

I’ve just upgraded to Opensearch 2.11.1 and ever since the upgrade I am seeing some odd Usernames and requests in the audit log.

The usernames look something like this:


and the paths they are accessing are


They all come from localhost and ::1

They don’t look like OpenSearch URLs to me, but they started exactly when I upgraded from 2.9.0 to 2.11.1. Can anyone help me understand what these are and how to make them go away?

good question. would like to know also. have the same problem

Hi @jong,

How did you deploy your cluster? Is there by any chance IBM Edge Application Manager involved?