Can I blow out elasticsearch log directory "/var/log/elasticsearch" or is that a no no?

syost · May 2, 2020, 12:52am

I would like to monitor elasticsearch logs using filebeat and I see in my "elasticsearch.yml" these are stored...
path.logs: /var/log/elasticsearch

There's a bunch of stuff in here and I would just like to delete everything to help save space on my EC2 I'm testing in. May I do this?

Secondly, I see that in this directory there are several extensions being...

Are the "gz" just compressed versions of old logs? I'm nervous about these json files in here. I don't want to delete them if their needed.

Luca_Belluccini · May 2, 2020, 12:59am

It is possible to change the configuration of log4j2.properties file to auto-remove and/or auto-compress log files.

It is possible to reduce the amount of data kept to a maximum amount.

The gz logs are the compressed files which have been already rolled by size or time.

system · May 30, 2020, 12:59am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.