by j_anstice 2653 days ago
I agree that the passwords should not be logged in any circumstances (if I had to guess, I might suspect that disk log files were ingested straight to Elasticsearch), but I don't think this invalidates my argument that Elasticsearch out of the box is not suitable for any data you intend to not share with the world.

There is a separate thread about security best practice learning that touches on the question of whether the rote security knowledge we pass on is making it more likely that someone logs a password. I think a discussion around logging habits is much more relevant, and while Elasticsearch may have _also_ been misconfigured, pumping passwords into an internally viewable log file is a bad idea even if that file is well secured.