Fix audit logger logging to console even when disabled

Author: thomheymann

x-pack/plugins/security/server/audit/audit_service.test.ts

@@ -74,20 +74,6 @@ describe('#setup', () => {
     expect(logging.configure).toHaveBeenCalledWith(expect.any(Observable));
   });
 
-  it('does not configure logging when using legacy logger', async () => {
-    new AuditService(logger).setup({
-      license,
-      config: {
-        enabled: true,
-      },
-      logging,
-      http,
-      getCurrentUser,
-      getSpaceId,
-    });
-    expect(logging.configure).not.toHaveBeenCalled();
-  });
-
   it('registers post auth hook', () => {
     new AuditService(logger).setup({
       license,
@@ -181,7 +167,7 @@ describe('#createLoggingConfig', () => {
             "appenders": Array [
               "auditTrailAppender",
             ],
-            "context": "audit",
+            "context": "audit.ecs",
             "level": "info",
           },
         ],

x-pack/plugins/security/server/audit/audit_service.ts

@@ -67,7 +67,11 @@ export class AuditService {
    */
   private allowAuditLogging = false;
 
-  constructor(private readonly logger: Logger) {}
+  private ecsLogger: Logger;
+
+  constructor(private readonly logger: Logger) {
+    this.ecsLogger = logger.get('ecs');
+  }
 
   setup({
     license,
@@ -83,16 +87,13 @@ export class AuditService {
       });
     }
 
-    // Do not change logging for legacy logger
-    if (config.appender) {
-      // Configure logging during setup and when license changes
-      logging.configure(
-        license.features$.pipe(
-          distinctUntilKeyChanged('allowAuditLogging'),
-          createLoggingConfig(config)
-        )
-      );
-    }
+    // Configure logging during setup and when license changes
+    logging.configure(
+      license.features$.pipe(
+        distinctUntilKeyChanged('allowAuditLogging'),
+        createLoggingConfig(config)
+      )
+    );
 
     /**
      * Creates an {@link AuditLogger} scoped to the current request.
@@ -146,7 +147,7 @@ export class AuditService {
           },
         };
         if (filterEvent(meta, config.ignore_filters)) {
-          this.logger.info(event.message!, meta);
+          this.ecsLogger.info(event.message!, meta);
         }
       };
       return { log };
@@ -203,7 +204,7 @@ export const createLoggingConfig = (config: ConfigType['audit']) =>
     },
     loggers: [
       {
-        context: 'audit',
+        context: 'audit.ecs',
         level: config.enabled && config.appender && features.allowAuditLogging ? 'info' : 'off',
         appenders: ['auditTrailAppender'],
       },