Some Audit Logs Not Showing Up on Elesticsearch

[vela...@gmail.com]

Hi, 

For some reason, in ElasticSearch, I can see logstash-audit security events, but I don't see any storage-related events like C-STOREs, C-GETs, or C-MOVEs 

I can see the event messages being created in the audit-spool/Audit+Logger directory and disappearing when they get sent to Logstash, but for some reason, the events are not visible in Elasticsearch. 

I can not find any errors in server.log; logstash-wildfly and keycloak events are getting logged fine.

Here is a screenshot of PAT_CREATE and STORE events, but none are in ElasticSearch.

Any idea what this could be?