This coincides with another user's post from a couple of weeks back:
No idea what's going on here, sorry, Elasticsearch isn't directly interacting with the $LogFile or $Mft files so it's unclear why they're seeing so much churn. I've asked some of our Windows experts to take a look.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.