Add Elasticsearch audit configuration example to Ranger document

jonashartwig · web-flow · commit a1ddd17d27f1 · 2026-03-03T11:12:09.000+08:00
diff --git a/docs/src/main/sphinx/security/ranger-access-control.md b/docs/src/main/sphinx/security/ranger-access-control.md
@@ -8,7 +8,7 @@ column-masking, row-filtering and audit logging.
 ## Requirements
 
 * Access to a Apache Ranger deployment with the desired authorization policies.
-* Access to an audit store using Solr, HDFS, Log4J, or S3 to save audit logs.
+* Access to an audit store using Solr, HDFS, Log4J, Elasticsearch, or S3 to save audit logs.
 * Apache Ranger 2.5.0 and greater include the required Trino service definition.
   Earlier versions of Apache Ranger require an [update to the service definition
   available on
@@ -134,6 +134,49 @@ The following table lists the configuration properties for the Ranger access con
     <value></value>
     <description>URL to Solr deployment where the plugin should send access audits to</description>
   </property>
+
+  <property>
+    <name>xasecure.audit.destination.elasticsearch</name>
+    <value>disabled</value>
+    <description>Is es audit enabled? Allowed values to enable: enable, enabled, true</description>
+  </property>
+
+  <property>
+    <name>xasecure.audit.destination.elasticsearch.urls</name>
+    <value>host1,host2</value>
+    <description>Comma (,) separated list of es hosts.</description>
+  </property>
+  
+  <property>
+    <name>xasecure.audit.destination.elasticsearch.index</name>
+    <value>ranger_audits_write</value>
+    <description>The index to write audits to. Default: ranger_audits</description>
+  </property>
+
+  <property>
+    <name>xasecure.audit.destination.elasticsearch.port</name>
+    <value>9200</value>
+    <description>The port for es. Default: 9200</description>
+  </property>
+
+  <property>
+    <name>xasecure.audit.destination.elasticsearch.protocol</name>
+    <value>http</value>
+    <description>The http protocol to use during communication. Default: http</description>
+  </property>
+
+  <property>
+    <name>xasecure.audit.destination.elasticsearch.user</name>
+    <value>write_user</value>
+    <description>The username to authenticate towards es.</description>
+  </property>
+
+  <property>
+    <name>xasecure.audit.destination.elasticsearch.password</name>
+    <value>changeme</value>
+    <description>The password to authenticate towards es.</description>
+  </property>
+
 </configuration>
 ```
 
