Can't find my ES logs


(thealy) #1

New guy running ES 0.90.3 on RedHat, with 7 nodes.

But on all my RedHat nodes, which are running fine apparently, there are no
logs being written in the directory specified in elasticsearch.yml
by path.logs: /elastic/logs. I also see logs created in
/var/log/elasticsearch/ from the date of install, but they are not being
appended to. My Ubuntu nodes are logging fine to the configured directory.

What am I doing wrong?

-Terry

--
You received this message because you are subscribed to the Google Groups "elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an email to elasticsearch+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.


(Mark Walkom) #2

Per
http://www.elasticsearch.org/guide/en/elasticsearch/reference/current/setup-configuration.html
If you have "path.log: /elastic/logs" then that is the directory it'll log
to, so you need to make sure it exists.

You are probably better off just leaving the default, which is
/var/log/elasticsearch.

Regards,
Mark Walkom

Infrastructure Engineer
Campaign Monitor
email: markw@campaignmonitor.com
web: www.campaignmonitor.com

On 19 October 2013 02:32, Terry Healy thealy@bnl.gov wrote:

New guy running ES 0.90.3 on RedHat, with 7 nodes.

But on all my RedHat nodes, which are running fine apparently, there are
no logs being written in the directory specified in elasticsearch.yml
by path.logs: /elastic/logs. I also see logs created in
/var/log/elasticsearch/ from the date of install, but they are not being
appended to. My Ubuntu nodes are logging fine to the configured directory.

What am I doing wrong?

-Terry

--
You received this message because you are subscribed to the Google Groups
"elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an
email to elasticsearch+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.

--
You received this message because you are subscribed to the Google Groups "elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an email to elasticsearch+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.


(Vishal Kapoor) #3

This is more generic troubleshooting tip, but you could look at the list of
open files elasticsearch process is holding.
once you know the pid, just do a
lsof -p | grep log
and you should be able to see the log file if you have the correct
permissions...

hope it helps.

Vishal

On Fri, Oct 18, 2013 at 4:37 PM, Mark Walkom markw@campaignmonitor.comwrote:

Per
http://www.elasticsearch.org/guide/en/elasticsearch/reference/current/setup-configuration.html
If you have "path.log: /elastic/logs" then that is the directory it'll
log to, so you need to make sure it exists.

You are probably better off just leaving the default, which is
/var/log/elasticsearch.

Regards,
Mark Walkom

Infrastructure Engineer
Campaign Monitor
email: markw@campaignmonitor.com
web: www.campaignmonitor.com

On 19 October 2013 02:32, Terry Healy thealy@bnl.gov wrote:

New guy running ES 0.90.3 on RedHat, with 7 nodes.

But on all my RedHat nodes, which are running fine apparently, there are
no logs being written in the directory specified in elasticsearch.yml
by path.logs: /elastic/logs. I also see logs created in
/var/log/elasticsearch/ from the date of install, but they are not being
appended to. My Ubuntu nodes are logging fine to the configured directory.

What am I doing wrong?

-Terry

--
You received this message because you are subscribed to the Google Groups
"elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an
email to elasticsearch+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.

--
You received this message because you are subscribed to the Google Groups
"elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an
email to elasticsearch+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.

--
You received this message because you are subscribed to the Google Groups "elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an email to elasticsearch+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.


(Otis Gospodnetić) #4

Hi Terry,

My first 2 thoughts:

  • directory write permission issue
  • dir doesn't actually exist.

ls its parent.

Otis

Solr & ElasticSearch Support -- http://sematext.com/
Performance Monitoring -- http://sematext.com/spm

On Friday, October 18, 2013 11:32:48 AM UTC-4, Terry Healy wrote:

New guy running ES 0.90.3 on RedHat, with 7 nodes.

But on all my RedHat nodes, which are running fine apparently, there are
no logs being written in the directory specified in elasticsearch.yml
by path.logs: /elastic/logs. I also see logs created in
/var/log/elasticsearch/ from the date of install, but they are not being
appended to. My Ubuntu nodes are logging fine to the configured directory.

What am I doing wrong?

-Terry

--
You received this message because you are subscribed to the Google Groups "elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an email to elasticsearch+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.


(thealy) #5

Mark, Vishal, Otis: Thanks very much for taking the time to help me out.
I've trued to combine your suggested troublshooting actions, but still
seem to be stuck.


First, I tried lsof with the elasticsearch PID, but all it found was the
logging .jar file:

[root@hd60:~]# service elasticsearch status
elasticsearch (pid 24353) is running...

[root@hd60:~]# lsof -p 24353 | grep log

java 24353 elasticsearch mem REG 8,3 489884
396751 /usr/share/elasticsearch/lib/log4j-1.2.17.jar

java 24353 elasticsearch 5r REG 8,3 489884
396751 /usr/share/elasticsearch/lib/log4j-1.2.17.jar


My config says:

path.logs: /elastic1/logs

The referred to directory, which is empty, has these permissions /
ownership.

drwxr-xr-x. 2 elasticsearch elasticsearch 4096 Sep 18 10:37 logs


Looking in /var/log/elasticsearch, it was written to during in initial
install. After this I stopped it, set the clustername, host config, etc.
including the path.logs value above.

[root@hd60:/var/log]# ls -la /var/log/elasticsearch/

total 12
drwxr-xr-x. 2 elasticsearch elasticsearch 4096 Sep 17 16:52 .

drwxr-xr-x. 10 root root 4096 Oct 20 03:47 ..

-rw-r--r--. 1 elasticsearch elasticsearch 0 Sep 17 16:52
elasticsearch_index_indexing_slowlog.log

-rw-r--r--. 1 elasticsearch elasticsearch 0 Sep 17 16:52
elasticsearch_index_search_slowlog.log

-rw-r--r--. 1 elasticsearch elasticsearch 1674 Sep 17 17:05
elasticsearch.log


So I tried being very liberal with the permissions on /elastic1/logs,
and then restarting:

[root@hd60:/elastic1]# chmod -R a+wr logs

[root@hd60:/elastic1]# service elasticsearch restart

Stopping elasticsearch: [ OK ]
Starting elasticsearch: [ OK ]
[root@hd60:/elastic1]# log4j:WARN No appenders could be found for logger
(common.jna).
log4j:WARN Please initialize the log4j system properly.
log4j:WARN See http://logging.apache.org/log4j/1.2/faq.html#noconfig for
more info.

I have looked at the page referred to by the log4j error, but frankly I
do not understand what it is telling me to do.

-Terry

On 10/18/2013 05:52 PM, Vishal Kapoor wrote:

This is more generic troubleshooting tip, but you could look at the list
of open files elasticsearch process is holding.
once you know the pid, just do a
lsof -p | grep log
and you should be able to see the log file if you have the correct
permissions...

hope it helps.

Vishal

On Fri, Oct 18, 2013 at 4:37 PM, Mark Walkom <markw@campaignmonitor.com
mailto:markw@campaignmonitor.com> wrote:

Per http://www.elasticsearch.org/guide/en/elasticsearch/reference/current/setup-configuration.html
If you have "path.log: /elastic/logs" then that is the directory
it'll log to, so you need to make sure it exists.

You are probably better off just leaving the default, which is
/var/log/elasticsearch.

Regards,
Mark Walkom

Infrastructure Engineer
Campaign Monitor
email: markw@campaignmonitor.com <mailto:markw@campaignmonitor.com>
web: www.campaignmonitor.com <http://www.campaignmonitor.com>


On 19 October 2013 02:32, Terry Healy <thealy@bnl.gov
<mailto:thealy@bnl.gov>> wrote:

    New guy running ES 0.90.3 on RedHat, with 7 nodes. 

    But on all my RedHat nodes, which are running fine apparently,
    there are no logs being written in the directory specified in
    elasticsearch.yml by path.logs: /elastic/logs. I also see logs
    created in /var/log/elasticsearch/ from the date of install, but
    they are not being appended to. My Ubuntu nodes are logging fine
    to the configured directory.

    What am I doing wrong?

    -Terry

    -- 
    You received this message because you are subscribed to the
    Google Groups "elasticsearch" group.
    To unsubscribe from this group and stop receiving emails from
    it, send an email to elasticsearch+unsubscribe@googlegroups.com
    <mailto:elasticsearch%2Bunsubscribe@googlegroups.com>.
    For more options, visit https://groups.google.com/groups/opt_out.


-- 
You received this message because you are subscribed to the Google
Groups "elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it,
send an email to elasticsearch+unsubscribe@googlegroups.com
<mailto:elasticsearch%2Bunsubscribe@googlegroups.com>.
For more options, visit https://groups.google.com/groups/opt_out.

--
You received this message because you are subscribed to a topic in the
Google Groups "elasticsearch" group.
To unsubscribe from this topic, visit
https://groups.google.com/d/topic/elasticsearch/GmwkbGUG38w/unsubscribe.
To unsubscribe from this group and all its topics, send an email to
elasticsearch+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.

--
You received this message because you are subscribed to the Google Groups "elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an email to elasticsearch+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.


(thealy) #6

The whole issue was that I had:

path.conf: /etc/elasticsearch/elasticsearch.yml

Instead of the correct:

path.conf: /etc/elasticsearch

Sorry to waste your time. On to the next problem...

-Terry

On 10/21/2013 11:06 AM, Terry Healy wrote:

Mark, Vishal, Otis: Thanks very much for taking the time to help me out.
I've trued to combine your suggested troublshooting actions, but still
seem to be stuck.


First, I tried lsof with the elasticsearch PID, but all it found was the
logging .jar file:

[root@hd60:~]# service elasticsearch status
elasticsearch (pid 24353) is running...

[root@hd60:~]# lsof -p 24353 | grep log

java 24353 elasticsearch mem REG 8,3 489884
396751 /usr/share/elasticsearch/lib/log4j-1.2.17.jar

java 24353 elasticsearch 5r REG 8,3 489884
396751 /usr/share/elasticsearch/lib/log4j-1.2.17.jar


My config says:

path.logs: /elastic1/logs

The referred to directory, which is empty, has these permissions /
ownership.

drwxr-xr-x. 2 elasticsearch elasticsearch 4096 Sep 18 10:37 logs


Looking in /var/log/elasticsearch, it was written to during in initial
install. After this I stopped it, set the clustername, host config, etc.
including the path.logs value above.

[root@hd60:/var/log]# ls -la /var/log/elasticsearch/

total 12
drwxr-xr-x. 2 elasticsearch elasticsearch 4096 Sep 17 16:52 .

drwxr-xr-x. 10 root root 4096 Oct 20 03:47 ..

-rw-r--r--. 1 elasticsearch elasticsearch 0 Sep 17 16:52
elasticsearch_index_indexing_slowlog.log

-rw-r--r--. 1 elasticsearch elasticsearch 0 Sep 17 16:52
elasticsearch_index_search_slowlog.log

-rw-r--r--. 1 elasticsearch elasticsearch 1674 Sep 17 17:05
elasticsearch.log


So I tried being very liberal with the permissions on /elastic1/logs,
and then restarting:

[root@hd60:/elastic1]# chmod -R a+wr logs

[root@hd60:/elastic1]# service elasticsearch restart

Stopping elasticsearch: [ OK ]
Starting elasticsearch: [ OK ]
[root@hd60:/elastic1]# log4j:WARN No appenders could be found for logger
(common.jna).
log4j:WARN Please initialize the log4j system properly.
log4j:WARN See http://logging.apache.org/log4j/1.2/faq.html#noconfig for
more info.

I have looked at the page referred to by the log4j error, but frankly I
do not understand what it is telling me to do.

-Terry

On 10/18/2013 05:52 PM, Vishal Kapoor wrote:

This is more generic troubleshooting tip, but you could look at the list
of open files elasticsearch process is holding.
once you know the pid, just do a
lsof -p | grep log
and you should be able to see the log file if you have the correct
permissions...

hope it helps.

Vishal

On Fri, Oct 18, 2013 at 4:37 PM, Mark Walkom <markw@campaignmonitor.com
mailto:markw@campaignmonitor.com> wrote:

Per http://www.elasticsearch.org/guide/en/elasticsearch/reference/current/setup-configuration.html
If you have "path.log: /elastic/logs" then that is the directory
it'll log to, so you need to make sure it exists.

You are probably better off just leaving the default, which is
/var/log/elasticsearch.

Regards,
Mark Walkom

Infrastructure Engineer
Campaign Monitor
email: markw@campaignmonitor.com <mailto:markw@campaignmonitor.com>
web: www.campaignmonitor.com <http://www.campaignmonitor.com>


On 19 October 2013 02:32, Terry Healy <thealy@bnl.gov
<mailto:thealy@bnl.gov>> wrote:

    New guy running ES 0.90.3 on RedHat, with 7 nodes. 

    But on all my RedHat nodes, which are running fine apparently,
    there are no logs being written in the directory specified in
    elasticsearch.yml by path.logs: /elastic/logs. I also see logs
    created in /var/log/elasticsearch/ from the date of install, but
    they are not being appended to. My Ubuntu nodes are logging fine
    to the configured directory.

    What am I doing wrong?

    -Terry

    -- 
    You received this message because you are subscribed to the
    Google Groups "elasticsearch" group.
    To unsubscribe from this group and stop receiving emails from
    it, send an email to elasticsearch+unsubscribe@googlegroups.com
    <mailto:elasticsearch%2Bunsubscribe@googlegroups.com>.
    For more options, visit https://groups.google.com/groups/opt_out.


-- 
You received this message because you are subscribed to the Google
Groups "elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it,
send an email to elasticsearch+unsubscribe@googlegroups.com
<mailto:elasticsearch%2Bunsubscribe@googlegroups.com>.
For more options, visit https://groups.google.com/groups/opt_out.

--
You received this message because you are subscribed to a topic in the
Google Groups "elasticsearch" group.
To unsubscribe from this topic, visit
https://groups.google.com/d/topic/elasticsearch/GmwkbGUG38w/unsubscribe.
To unsubscribe from this group and all its topics, send an email to
elasticsearch+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.

--
You received this message because you are subscribed to the Google Groups "elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an email to elasticsearch+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.


(Mark Walkom) #7

Is there any reason you are explicitly setting these rather than leaving
the implicit defaults?

Regards,
Mark Walkom

Infrastructure Engineer
Campaign Monitor
email: markw@campaignmonitor.com
web: www.campaignmonitor.com

On 22 October 2013 07:39, Terry Healy thealy@bnl.gov wrote:

The whole issue was that I had:

path.conf: /etc/elasticsearch/elasticsearch.yml

Instead of the correct:

path.conf: /etc/elasticsearch

Sorry to waste your time. On to the next problem...

-Terry

On 10/21/2013 11:06 AM, Terry Healy wrote:

Mark, Vishal, Otis: Thanks very much for taking the time to help me out.
I've trued to combine your suggested troublshooting actions, but still
seem to be stuck.


First, I tried lsof with the elasticsearch PID, but all it found was the
logging .jar file:

[root@hd60:~]# service elasticsearch status
elasticsearch (pid 24353) is running...

[root@hd60:~]# lsof -p 24353 | grep log

java 24353 elasticsearch mem REG 8,3 489884
396751 /usr/share/elasticsearch/lib/log4j-1.2.17.jar

java 24353 elasticsearch 5r REG 8,3 489884
396751 /usr/share/elasticsearch/lib/log4j-1.2.17.jar


My config says:

path.logs: /elastic1/logs

The referred to directory, which is empty, has these permissions /
ownership.

drwxr-xr-x. 2 elasticsearch elasticsearch 4096 Sep 18 10:37 logs


Looking in /var/log/elasticsearch, it was written to during in initial
install. After this I stopped it, set the clustername, host config, etc.
including the path.logs value above.

[root@hd60:/var/log]# ls -la /var/log/elasticsearch/

total 12
drwxr-xr-x. 2 elasticsearch elasticsearch 4096 Sep 17 16:52 .

drwxr-xr-x. 10 root root 4096 Oct 20 03:47 ..

-rw-r--r--. 1 elasticsearch elasticsearch 0 Sep 17 16:52
elasticsearch_index_indexing_slowlog.log

-rw-r--r--. 1 elasticsearch elasticsearch 0 Sep 17 16:52
elasticsearch_index_search_slowlog.log

-rw-r--r--. 1 elasticsearch elasticsearch 1674 Sep 17 17:05
elasticsearch.log


So I tried being very liberal with the permissions on /elastic1/logs,
and then restarting:

[root@hd60:/elastic1]# chmod -R a+wr logs

[root@hd60:/elastic1]# service elasticsearch restart

Stopping elasticsearch: [ OK ]
Starting elasticsearch: [ OK ]
[root@hd60:/elastic1]# log4j:WARN No appenders could be found for logger
(common.jna).
log4j:WARN Please initialize the log4j system properly.
log4j:WARN See http://logging.apache.org/log4j/1.2/faq.html#noconfig for
more info.

I have looked at the page referred to by the log4j error, but frankly I
do not understand what it is telling me to do.

-Terry

On 10/18/2013 05:52 PM, Vishal Kapoor wrote:

This is more generic troubleshooting tip, but you could look at the list
of open files elasticsearch process is holding.
once you know the pid, just do a
lsof -p | grep log
and you should be able to see the log file if you have the correct
permissions...

hope it helps.

Vishal

On Fri, Oct 18, 2013 at 4:37 PM, Mark Walkom <markw@campaignmonitor.com
mailto:markw@campaignmonitor.com> wrote:

Per

http://www.elasticsearch.org/guide/en/elasticsearch/reference/current/setup-configuration.html

If you have "path.log: /elastic/logs" then that is the directory
it'll log to, so you need to make sure it exists.

You are probably better off just leaving the default, which is
/var/log/elasticsearch.

Regards,
Mark Walkom

Infrastructure Engineer
Campaign Monitor
email: markw@campaignmonitor.com <mailto:markw@campaignmonitor.com>
web: www.campaignmonitor.com <http://www.campaignmonitor.com>


On 19 October 2013 02:32, Terry Healy <thealy@bnl.gov
<mailto:thealy@bnl.gov>> wrote:

    New guy running ES 0.90.3 on RedHat, with 7 nodes.

    But on all my RedHat nodes, which are running fine apparently,
    there are no logs being written in the directory specified in
    elasticsearch.yml by path.logs: /elastic/logs. I also see logs
    created in /var/log/elasticsearch/ from the date of install, but
    they are not being appended to. My Ubuntu nodes are logging fine
    to the configured directory.

    What am I doing wrong?

    -Terry

    --
    You received this message because you are subscribed to the
    Google Groups "elasticsearch" group.
    To unsubscribe from this group and stop receiving emails from
    it, send an email to elasticsearch+unsubscribe@googlegroups.com
    <mailto:elasticsearch%2Bunsubscribe@googlegroups.com>.
    For more options, visit

https://groups.google.com/groups/opt_out.

--
You received this message because you are subscribed to the Google
Groups "elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it,
send an email to elasticsearch+unsubscribe@googlegroups.com
<mailto:elasticsearch%2Bunsubscribe@googlegroups.com>.
For more options, visit https://groups.google.com/groups/opt_out.

--
You received this message because you are subscribed to a topic in the
Google Groups "elasticsearch" group.
To unsubscribe from this topic, visit
https://groups.google.com/d/topic/elasticsearch/GmwkbGUG38w/unsubscribe
.

To unsubscribe from this group and all its topics, send an email to
elasticsearch+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.

--
You received this message because you are subscribed to the Google Groups
"elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an
email to elasticsearch+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.

--
You received this message because you are subscribed to the Google Groups "elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an email to elasticsearch+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.


(thealy) #8

It just seemed reasonable to group them together. But this just made my
problem worse, so I guess this was a bad choice. Not my first....or last.
On Oct 21, 2013 5:49 PM, "Mark Walkom" markw@campaignmonitor.com wrote:

Is there any reason you are explicitly setting these rather than leaving
the implicit defaults?

Regards,
Mark Walkom

Infrastructure Engineer
Campaign Monitor
email: markw@campaignmonitor.com
web: www.campaignmonitor.com

On 22 October 2013 07:39, Terry Healy thealy@bnl.gov wrote:

The whole issue was that I had:

path.conf: /etc/elasticsearch/elasticsearch.yml

Instead of the correct:

path.conf: /etc/elasticsearch

Sorry to waste your time. On to the next problem...

-Terry

On 10/21/2013 11:06 AM, Terry Healy wrote:

Mark, Vishal, Otis: Thanks very much for taking the time to help me out.
I've trued to combine your suggested troublshooting actions, but still
seem to be stuck.


First, I tried lsof with the elasticsearch PID, but all it found was the
logging .jar file:

[root@hd60:~]# service elasticsearch status
elasticsearch (pid 24353) is running...

[root@hd60:~]# lsof -p 24353 | grep log

java 24353 elasticsearch mem REG 8,3 489884
396751 /usr/share/elasticsearch/lib/log4j-1.2.17.jar

java 24353 elasticsearch 5r REG 8,3 489884
396751 /usr/share/elasticsearch/lib/log4j-1.2.17.jar


My config says:

path.logs: /elastic1/logs

The referred to directory, which is empty, has these permissions /
ownership.

drwxr-xr-x. 2 elasticsearch elasticsearch 4096 Sep 18 10:37 logs


Looking in /var/log/elasticsearch, it was written to during in initial
install. After this I stopped it, set the clustername, host config, etc.
including the path.logs value above.

[root@hd60:/var/log]# ls -la /var/log/elasticsearch/

total 12
drwxr-xr-x. 2 elasticsearch elasticsearch 4096 Sep 17 16:52 .

drwxr-xr-x. 10 root root 4096 Oct 20 03:47 ..

-rw-r--r--. 1 elasticsearch elasticsearch 0 Sep 17 16:52
elasticsearch_index_indexing_slowlog.log

-rw-r--r--. 1 elasticsearch elasticsearch 0 Sep 17 16:52
elasticsearch_index_search_slowlog.log

-rw-r--r--. 1 elasticsearch elasticsearch 1674 Sep 17 17:05
elasticsearch.log


So I tried being very liberal with the permissions on /elastic1/logs,
and then restarting:

[root@hd60:/elastic1]# chmod -R a+wr logs

[root@hd60:/elastic1]# service elasticsearch restart

Stopping elasticsearch: [ OK ]
Starting elasticsearch: [ OK ]
[root@hd60:/elastic1]# log4j:WARN No appenders could be found for
logger
(common.jna).
log4j:WARN Please initialize the log4j system properly.
log4j:WARN See http://logging.apache.org/log4j/1.2/faq.html#noconfigfor
more info.

I have looked at the page referred to by the log4j error, but frankly I
do not understand what it is telling me to do.

-Terry

On 10/18/2013 05:52 PM, Vishal Kapoor wrote:

This is more generic troubleshooting tip, but you could look at the
list

of open files elasticsearch process is holding.
once you know the pid, just do a
lsof -p | grep log
and you should be able to see the log file if you have the correct
permissions...

hope it helps.

Vishal

On Fri, Oct 18, 2013 at 4:37 PM, Mark Walkom <
markw@campaignmonitor.com

mailto:markw@campaignmonitor.com> wrote:

Per

http://www.elasticsearch.org/guide/en/elasticsearch/reference/current/setup-configuration.html

If you have "path.log: /elastic/logs" then that is the directory
it'll log to, so you need to make sure it exists.

You are probably better off just leaving the default, which is
/var/log/elasticsearch.

Regards,
Mark Walkom

Infrastructure Engineer
Campaign Monitor
email: markw@campaignmonitor.com <mailto:markw@campaignmonitor.com
web: www.campaignmonitor.com <http://www.campaignmonitor.com>


On 19 October 2013 02:32, Terry Healy <thealy@bnl.gov
<mailto:thealy@bnl.gov>> wrote:

    New guy running ES 0.90.3 on RedHat, with 7 nodes.

    But on all my RedHat nodes, which are running fine apparently,
    there are no logs being written in the directory specified in
    elasticsearch.yml by path.logs: /elastic/logs. I also see logs
    created in /var/log/elasticsearch/ from the date of install,

but

    they are not being appended to. My Ubuntu nodes are logging

fine

    to the configured directory.

    What am I doing wrong?

    -Terry

    --
    You received this message because you are subscribed to the
    Google Groups "elasticsearch" group.
    To unsubscribe from this group and stop receiving emails from
    it, send an email to

elasticsearch+unsubscribe@googlegroups.com

    <mailto:elasticsearch%2Bunsubscribe@googlegroups.com>.
    For more options, visit

https://groups.google.com/groups/opt_out.

--
You received this message because you are subscribed to the Google
Groups "elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it,
send an email to elasticsearch+unsubscribe@googlegroups.com
<mailto:elasticsearch%2Bunsubscribe@googlegroups.com>.
For more options, visit https://groups.google.com/groups/opt_out.

--
You received this message because you are subscribed to a topic in the
Google Groups "elasticsearch" group.
To unsubscribe from this topic, visit

https://groups.google.com/d/topic/elasticsearch/GmwkbGUG38w/unsubscribe.

To unsubscribe from this group and all its topics, send an email to
elasticsearch+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.

--
You received this message because you are subscribed to the Google Groups
"elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an
email to elasticsearch+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.

--
You received this message because you are subscribed to a topic in the
Google Groups "elasticsearch" group.
To unsubscribe from this topic, visit
https://groups.google.com/d/topic/elasticsearch/GmwkbGUG38w/unsubscribe.
To unsubscribe from this group and all its topics, send an email to
elasticsearch+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.

--
You received this message because you are subscribed to the Google Groups "elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an email to elasticsearch+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.


(system) #9