Log4j management of access files created by Elasticsearch

Hi there,

I am running Elasticsearch 7.16.1 and also have auditing configured. I am using a default log4j properties files which I had to extend to gzip the audit files. This is not included in the 7.16.1 log4j2 properties file.

However I note that access logs are being generated in the form of <cluster_name>_access.log. These files are being rolled over every night but there seems to be nothing in the log4j2 properties file to manage such files. I cannot see any mention of access files in the properties file. I assume they are picked up by some other rolling.filePattern. However none seems to match. I am confused.

Does anyone else have a similar problem?

I did raise a ticket, but as Log4j is a third-party library and comes with a reasonable default configuration, they wouldn't progress it.

Kind regards.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.