Description
When logging is configured to output either elasticsearch queries or elasticsearch deprecations (when the elasticsearch.query
or elasticsearch.deprecation
log contexts are configured to use the debug
or all
levels), we're writing the whole ES request's payload/body to the logs.
This was historically the case, as it was already done with the legacy ES client and before the Kibana platform, and was just reproduced in Kibana platform when we migrated the service from legacy.
However, there are some cases where outputting the whole request payload can be a problem:
- In case of heavy payloads
Heavy requests (like more than 10mb) will be fully outputted to the logs. When writing to stdout (did not test with file appender), this can freeze the Kibana process for a time, which is a real problem.
We may want to define a threshold to limit the requests that fully outputted to the logs. If a request's body exceed this arbitrary size, we should redact it, excerpt it, or truncate it to avoid issues.
- In case of sensitive informations
Not sure this is a real problem, would like to have the @elastic/kibana-security opinion on this one, but I suspect we may have overlooked the potential sensitive nature of some requests when the query logging was initially implemented long ago, and we may want to redact some request, either by redacting some fields, or on a per-endpoint basis.