Can I blow out elasticsearch log directory "/var/log/elasticsearch" or is that a no no?

syost · May 2, 2020, 12:52am

I would like to monitor elasticsearch logs using filebeat and I see in my "elasticsearch.yml" these are stored...
path.logs: /var/log/elasticsearch

There's a bunch of stuff in here and I would just like to delete everything to help save space on my EC2 I'm testing in. May I do this?

Secondly, I see that in this directory there are several extensions being...

Are the "gz" just compressed versions of old logs? I'm nervous about these json files in here. I don't want to delete them if their needed.

Luca_Belluccini · May 2, 2020, 12:59am

It is possible to change the configuration of log4j2.properties file to auto-remove and/or auto-compress log files.

It is possible to reduce the amount of data kept to a maximum amount.

The gz logs are the compressed files which have been already rolled by size or time.

system · May 30, 2020, 12:59am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
[Elasticsearch] Delete logs Elasticsearch	3	434	November 26, 2019
Elasticsearch logs are getting piled up in /var/log/elasticsearch path. How to cater to this problem? Elasticsearch	4	3693	July 15, 2019
Delete Elasticsearch logs Elasticsearch	4	1091	December 28, 2020
Should I store ES GC logs in my stack? And is there a way to condense them? Beats elastic-stack-monitoring , filebeat	2	309	February 9, 2021
Delete old logs files Elasticsearch	4	1399	December 30, 2022