Prevent logging to /var/log/messages

Hi all Elasticsearchers,
Is it possible to prevent logging to /var/log/messages? The /var/log/elasticsearch logs are sufficient and logging to /v/l/m is causing us some bother.

Thanks, Dan.

We're using RHEL and the RPM installation.

I'm also looking for the same answer. Any guidance is appreciated.

Elasticsearch is not logging to /var/log/messages.

Maybe you can shed some light by showing the log messages you want to get suppressed?

And yet, grep elastic /var/log/messages*: http://pastebin.com/u5Jx4rdQ
You can see that Kibana is also logging here.

I'm no expert. Something to do with syslog?

Probably this: https://github.com/elastic/elasticsearch/issues/17220

I decided to rely purely on the logging file configured in elasticsearch.yml and disable elastic logging to the system journal. This can be achieved by:

Take a backup and make the changes:
[root@server ~]# diff /usr/lib/systemd/system/elasticsearch.service.bak /usr/lib/systemd/system/elasticsearch.service
< StandardOutput=journal
< StandardError=inherit
----
> #StandardOutput=journal
> #StandardError=inherit
> StandardOutput=null
> StandardError=null

Reload the service definition and ensure it's loaded as expected:
[root@server ~]# systemctl daemon-reload
[root@server ~]# systemctl cat elasticsearch.service | grep Standard
#StandardOutput=journal
#StandardError=inherit
StandardOutput=null
StandardError=null

Restart the service:
[root@server ~]# systemctl restart elasticsearch

Thanks. I’d been looking in /etc/init.d for similar (having found nothing in /etc/systemd/
Dan.