Help with storing logs on e:\

deepbrah · July 26, 2016, 1:34pm

Hey all...Network guy here...I've got the ELK stack up and running on my test environment and everything is fine...

I've got the go ahead to put it in production -- where I have a 100GB HD for the OS and the services, and an external drive (E:\ in this case) where I want to store the log files.

Can someone kindly tell me how to set it up so all of the logs are stored on E:?

I've read some and investigated the files where someone said the log path was stored...but I found it a bit confusing (not a super systems guy here)...I'm running things on Windows Server if that matters.

Thanks so much!!

warkolm · July 27, 2016, 5:00am

I assume you are storing the data in Elasticsearch, if so check out https://www.elastic.co/guide/en/elasticsearch/reference/2.3/modules-node.html#data-path.

It's set in elasticsearch.yml.

deepbrah · July 27, 2016, 12:12pm

Thanks so much @warkolm ! I'm going to have a question incoming...

So I have two lines in there:

path.data: /path/to/data##

path.logs: /path/to/logs##

From what the article is saying, the path.data I want to change...but to me, it looks like it's in 'linux' format.

Essentially, if i do the following:

path.data: e:\elastdata##

That will put my data in that folder?

What about the path.logs -- sounds to me like logs are going to path.logs?

Thanks so much!

anhlqn · July 27, 2016, 7:26pm

Just set path.data: E:/elastdata. The path.logs is optional, logs will stay in ES installation folder

deepbrah · July 27, 2016, 7:38pm

Alright, thanks so much. I'll try it in the morning...thanks a lot for the help.

deepbrah · July 28, 2016, 12:03pm

I've changed the following:

path.data: e:\elas\data
path.logs: e:\elas\logs

restarted the services, and the logs are not going to e:\

I then created the corresponding folders, restarted the services

and they are just empty folders.

Kibana is still showing new syslog information in the search...so the logs are just getting stored in the default location.

deepbrah · July 28, 2016, 12:56pm

OK thanks -- I got it working.

Apparently editing in Windows Notepad.exe corrupts the YAML file.

So I replaced my configuration file with the new, default one.
Used Notepad++ to edit the configuration this time
Restarted the services
and now it's working properly and storing logs on the e drive.

Going to add YAML to my resume

anhlqn · July 28, 2016, 4:29pm

Stay away from the Windows notepad for most config files ^^. Glad to hear your ES is working now.

Topic		Replies	Views
How can I configure Elasticsearch to use our SAN drive? Elasticsearch	10	3920	July 5, 2017
Folder shared for elastcisearch logs Elasticsearch	6	404	February 22, 2021
Where does Elasticsearch store logs? Elasticsearch	7	17529	October 21, 2019
Changing logstash location to a different drive on Windows Logstash	2	627	July 6, 2017
Set up log file Logstash	5	564	July 6, 2017

Help with storing logs on e:\

path.data: /path/to/data##

path.logs: /path/to/logs##

path.data: e:\elastdata##

Related topics