There are similar topics here and here.
ILM is what you need in the end.
You can try to delete some logs on disks or documents from ES, but it's time-consuming and you need to be cautious. Make your query as you wish and test it on an unimportant or new test index.
POST indexname/_delete_by_query
{
  "query": {
    "range": {
      "@timestamp": {
        "lte": "2023-01-01T00:00:00.000Z",
        "format": "strict_date_optional_time"
      }
    }
  }
}
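
An added example, not part of the original post: a Kibana Dev Tools sketch of the two steps mentioned above, previewing the range query with `_count` before deleting anything, and an ILM policy whose delete phase replaces manual cleanup. The policy name `logs-retention-example`, the daily rollover and the 90-day retention are assumptions; adjust them to your own retention requirements.

```console
# 1) Dry run: count what the delete_by_query above would remove.
#    Same range query as in the post; nothing is deleted here.
GET indexname/_count
{
  "query": {
    "range": {
      "@timestamp": {
        "lte": "2023-01-01T00:00:00.000Z",
        "format": "strict_date_optional_time"
      }
    }
  }
}

# 2) Long-term fix: let ILM drop whole indices once they age out.
#    Policy name and all durations/sizes are assumed example values.
PUT _ilm/policy/logs-retention-example
{
  "policy": {
    "phases": {
      "hot": {
        "actions": {
          "rollover": {
            "max_age": "1d",
            "max_primary_shard_size": "50gb"
          }
        }
      },
      "delete": {
        "min_age": "90d",
        "actions": {
          "delete": {}
        }
      }
    }
  }
}
```

For indices that roll over, `min_age` in the delete phase is measured from the rollover time, so retention here is roughly 90 days after an index stops being written to. The policy only takes effect on indices that reference it, typically through an index template.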