Within the Graphic User Interface (GUI) of EDR 3.2-4.3, on the Logging-> Audit page, instead of the audit log entries that are expected, Endpoint Detection and Response (EDR) displays the results for Search -> Database ->Events.
Attempting to search for audit entries (i.e. using "type_id:20 OR type_id:21") returns 0 results even when searching for all time.

A missing kabana index

Upgrade to EDR 4.4 to prevent future occurrences.