ElasticSearch Data Redirection

Hello All,

New to Elasticsearch here and having an issue. I have an Ubuntu server (18.04) that I am using to send some security and firewall logs for a period of retention storage. I found an article on how to redirect the logs from Elasticsearch to a mapped network drive where there is plenty of storage. It appears that this worked for about a day and stopped. All of the log folders created by the redirection have the same date. The size of the directory is not changing, so it is apparent that the logs are no longer being sent there or something else is going on. I was wondering if anyone might have an idea as to why the redirection of the logs might stop? There are still many TB of storage on the drive and the .yml file has not been changed since it was edited to redirect the logs. Any advice would be greatly appreciated.

Welcome to our community! :smiley:

It'd be useful if you could share that article, or what you did to apply that article to your setup.

I will try to find and post a link to the article I read and followed. Basically it directed me to edit the Elasticsearch.yml file with the path to the external drive. I did so and it appeared to work briefly, because I do have files/logs in that directory, but for some reason it just stopped and I can't figure out what happened. My yml looks like this now:

```yaml
path.data: /var/lib/Elasticsearch
#path.data: /media/powervault

# Path to log files:

#path.logs: /var/log/Elasticsearch
path.logs: /media/powervault/log
```
