Why would you want to set the top-level log level to error? This means that you will have any informative log messages like if an index is created or deleted, etc. Informational messages are valuable if you need to reconstruct why your cluster is in a certain state. I strongly advise against making the change that you are seeking.
The status = error is setting the log level for the status logger, a special logger internal to Log4j 2, you do not need to worry about this setting and you should not change it.
I'm facing a situation that when I leave the log level not changed, sometimes log may increase to 10+ GB or more every day once there's something wrong with cluster.
The left space of disk may decrease in a very short time and may result in a series of problems.
After checking the log message, I found the type of them is always 'WARN'. It's due to unproper query, but I'd like to limit the disk space of log.
So I'd like to set log level to ''ERROR" to decrease the risk of full disk.
This is not the right solution to this problem. You should stop the offending query. Changing the log level to error only will leave you in a worse state because you will not have logs to diagnose other problems in the cluster.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.