Details
-
Improvement
-
Status: Open
-
Minor
-
Resolution: Unresolved
-
8.3
-
None
-
None
Description
At the moment, the Solr reference guide provides an example on how to log audit events to the standard Solr log (see https://lucene.apache.org/solr/guide/8_3/audit-logging.html). Those events are logged in the standard Solr log.
This enhancement proposes to include a simple explanation in the reference guide on how to configure log4j to log audit events in a separate file (this is possible already now with log4j, this issue is just about adding an example log4j configuration file for the Solr audit logger).
Reasoning behind this is that it can reduce the load on a SIEM system significantly as it only needs to process the relevant audit logs.
To be discussed: Should there be a standard log4j configuration when installing Solr to log into a separate file (maybe even the same log directory by default) all audit event