On my server, I've Filebeat and Metricbeat installed by RPM.
So I have folders in /etc for each product : /etc/metricbeat & /etc/filebeat.
My question is about the log rotation : I have searched in the process definition, in the yaml configuration file, in the logrotate.conf file, in logrotate.d
I'm still not able to find how my logs files are managed/purged/rotated.
In /var/log/metricbeat (or /var/log/filebeat), I have 7 files, the currently written log file, and 6 backlogs. Each of these 6 backlogs have a size of 10M.
Could you please tell me if there is settings where I can set how the logs must be managed ?
# Logging to rotating files. Set logging.to_files to false to disable logging to
# files.
logging.to_files: true
logging.files:
# Configure the path where the logs are written. The default is the logs directory
# under the home path (the binary location).
#path: /var/log/filebeat
# The name of the files where the logs are written to.
#name: filebeat
# Configure log file size limit. If limit is reached, log file will be
# automatically rotated
#rotateeverybytes: 10485760 # = 10MB
# Number of rotated log files to keep. Oldest files will be deleted first.
#keepfiles: 7
# The permissions mask to apply when rotating log files. The default value is 0600.
# Must be a valid Unix-style file permissions mask expressed in octal notation.
#permissions: 0600
# Set to true to log messages in json format.
#logging.json: false
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.