skip auditing only for InvalidIndexNameException

Author: slobodanadamovic

x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/authz/AuthorizationService.java

@@ -503,7 +503,7 @@ private void authorizeAction(
                                 indicesAndAliasesResolver.resolve(action, request, projectMetadata, authorizedIndices)
                             ),
                             e -> {
-                                if (e instanceof IndexNotFoundException || e instanceof InvalidIndexNameException) {
+                                if (e instanceof InvalidIndexNameException) {
                                     logger.debug(
                                         () -> Strings.format(
                                             "failed [%s] action authorization for [%s] due [%s] exception",
@@ -514,8 +514,12 @@ private void authorizeAction(
                                         e
                                     );
                                     listener.onFailure(e);
+                                    return;
+                                }
+                                auditTrail.accessDenied(requestId, authentication, action, request, authzInfo);
+                                if (e instanceof IndexNotFoundException) {
+                                    listener.onFailure(e);
                                 } else {
-                                    auditTrail.accessDenied(requestId, authentication, action, request, authzInfo);
                                     listener.onFailure(actionDenied(authentication, authzInfo, action, request, e));
                                 }
                             }