Hi all Elasticsearchers,
Is it possible to prevent logging to /var/log/messages? The /var/log/elasticsearch logs are sufficient and logging to /v/l/m is causing us some bother.
Thanks, Dan.
We're using RHEL and the RPM installation.
Hi all Elasticsearchers,
Is it possible to prevent logging to /var/log/messages? The /var/log/elasticsearch logs are sufficient and logging to /v/l/m is causing us some bother.
Thanks, Dan.
We're using RHEL and the RPM installation.
I'm also looking for the same answer. Any guidance is appreciated.
Elasticsearch is not logging to /var/log/messages.
Maybe you can shed some light by showing the log messages you want to get suppressed?
And yet, grep elastic /var/log/messages*
: http://pastebin.com/u5Jx4rdQ
You can see that Kibana is also logging here.
I'm no expert. Something to do with syslog?
Probably this: https://github.com/elastic/elasticsearch/issues/17220
I decided to rely purely on the logging file configured in elasticsearch.yml and disable elastic logging to the system journal. This can be achieved by:
Take a backup and make the changes:
[root@server ~]# diff /usr/lib/systemd/system/elasticsearch.service.bak /usr/lib/systemd/system/elasticsearch.service
< StandardOutput=journal
< StandardError=inherit
----
> #StandardOutput=journal
> #StandardError=inherit
> StandardOutput=null
> StandardError=null
Reload the service definition and ensure it's loaded as expected:
[root@server ~]# systemctl daemon-reload
[root@server ~]# systemctl cat elasticsearch.service | grep Standard
#StandardOutput=journal
#StandardError=inherit
StandardOutput=null
StandardError=null
Restart the service:
[root@server ~]# systemctl restart elasticsearch
Thanks. I’d been looking in /etc/init.d for similar (having found nothing in /etc/systemd/
Dan.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.