Audit logging enables you to track access to your Elasticsearch cluster, log security related events and provide evidence in case of an attack. Audit logging helps you to stay compliant with security regulations like GDPR, HIPAA, ISO, PCI or SOX.
Document-level security restricts a user’s access to certain documents within an index. Field-level security enables you to include or exclude fields from the documents in the search result. This gives you full control over which roles can see what data, all the way down to individual fields.