Recovering xpack log4j configuration from not standart path

Hi,

I'm trying to configure the xpack audit logs in an EL installation that has the configuration outside the usual elasticsearch directory (path_base/config/).

I have xpack settings on two sites right now.

  • /base_path/config/x-pack
  • /other_conf_path/conf/elasticsearch/x-pack

When I start the service of elasticsearch that is configured, I do it this way:

...
ExecStart =/data/lmelk/tools/elasticsearch/bin/elasticsearch
-p $ {PID_DIR} /elasticsearch.pid
--quiet
-Edefault.path.logs = $ {LOG_DIR}
-Edefault.path.data = $ {DATA_DIR}
-Edefault.path.conf = $ {CONF_DIR}
...

Where $ {CONF_DIR} is informed with the value /other_conf_path/conf/elasticsearch

The system works fine, and I retrieve the configuration of the elasticsearch.yml and log4j.properties from the directory I want. But it's not the same with x-pack.

For some reason, I do not read the log4j x-pack configuration I have stored in /other_conf_path/conf/elasticsearch /x-pack but the default one in /base_path/config/x-pack

Writing the audit log to the root of the installation, in /base_path/

I may be missing some additional configuration at startup? Or something else?

Any ideas?

Regards,

False alarm, do not configure the path of the x-pack log4j.properties file well.

After proper updating, the log is spelled correctly.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.