Ok, resolving this task. EFK work missing investigations: 1. Improved mapping for audit log messages (John's feedback) w/o defining every single field in the message JSON 2. Provisioning Kibana with predefined dashboards (going to require some work on an operator) These are to be followed up on different tasks. |