Hi,
The goal is to archive audit logs on daily basis and recycle archives older than n days.
So far I haven't found correct property for audit_rolling appender to get this working.
This is what I have
appender.audit_rolling.type = RollingFile
appender.audit_rolling.name = audit_rolling
appender.audit_rolling.fileName = ${sys:es.logs.base_path}${sys:file.separator}${sys:es.logs.cluster_name}_access.log
appender.audit_rolling.layout.type = PatternLayout
appender.audit_rolling.layout.pattern = [%d{ISO8601}] %m%n
appender.audit_rolling.filePattern = ${sys:es.logs.base_path}${sys:file.separator}${sys:es.logs.cluster_name}_access-%d{yyyy-MM-dd-HH-mm}-%i.log.gz
appender.audit_rolling.policies.type = Policies
appender.audit_rolling.policies.time.type = TimeBasedTriggeringPolicy
appender.audit_rolling.policies.time.interval = 1
appender.audit_rolling.policies.time.modulate = true
appender.audit_rolling.strategy.action.condition.age = 10D
The last string seems is not applicable and prevents ES from starting.
Please advice the correct way to rotate archived audit logs using log4j2.
ES version - 6.8.0
Thanks ahead,
Sergii