Open martijnvg opened 2 years ago
Pinging @elastic/es-data-management (Team:Data Management)
Thanks @martijnvg! This would be very helpful for 8.0 where the Security ON by default flow will print passwords and other relevant information in the startup message. Reducing the footprint of GeoIP could greatly improve discoverability.
Is that something that you would see doable in that timeframe?
cc @elastic/es-security
I would need to discuss this with the @elastic/es-data-management team. I think as a first step we can reduce most info logging to debug statements, but grouping multiple successful reloads / downloads message into a single log message, so that at most to info logs are printed, may require some more work.
But I think that the first step/part, can be be done for 8.0. We should result in at most 6 info log lines, if node is both ingest node and the geoip download persistent task runs on that node as well.
related: #81397 and #81398
Currently when the geoip processor infrastructure is started up a lot of logging is printed out to the console by default:
This is too verbose and makes it more difficult to spot other important messages. Most of this logging should be turned into a debug logging and ideally geoip Infrastructure should print out 1 or 2 info messages.
Something like this:
The first message is whether the geoip downloader successfully downloaded the database files from the external download service into the special geoip database system index. This will only be printed on the node that performed the geoip download task.
The second message is whether an ingest node downloaded the database files from the geoip system index into a temp directory successfully, so that geoip processor can load it for geoip enrichment. This will be printed on each ingest node.