I have a 50G root partition and the Elasticsearch cluster log files have consumed the whole drive on two of my 3 nodes. The files are located in /var/log/elasticsearch. What's the best way of keeping these files under control and from filling up the drive?
Typically, Elasticsearch is not very chatty when it comes to the log messages with default log settings. So, if you didn't change the log settings, these 50G of log messages might indicate that something really wrong is going on in the cluster. What kind of errors do you see in the log files?
I went back and it looks like most of these logs were created while we were having issues with one of the nodes in the cluster. I ended up deleting all of the logs on each of the servers. Will continue to monitor from here on out. Thanks!