Hello! Thanks for any help!
When running logstash, I am aware of the --log option that allows you to specify a log directory for logstash to log to. However, I do not know what logstash's settings are for rotating log files, removing old logs, etc. Currently, it seems as if logstash is leaving behind zipped logs for all history. Are there settings that I can use to automatically remove old logs? Or is the best way to do this using a cron job or something? I hope this question isn't too redundant, I had a hard time finding google results surrounding the logging behavior of logstash itself.
Not sure what you mean. Some kind of rationale behind the decision to rotate each day and keep the logs for seven days? No, there's no such documentation. Those number were probably chosen rather arbitrarily since they were nice and round and seemed like reasonably good ballpark figures.
I meant is there a website or some document published by elastic that I could have read that would have given me the information that you gave me in your first reply? Where can I read about the fact that logstash installs a lograte config in /etc/logrotate.d?
Thanks
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.