I have installed elasticsearch, kibana of 6.8.2 version on centos using RPM file and I have enabled basic authentication.
I need to modify all log paths to /apps/log instead of /var. For now I did modify log path but logs are not visible yet. Request your help to fix the issue.
Permission of /apps/log dr-xr-xr-x. 19 root root 268 Aug 20 22:20 /
Permission of /var/log dr-xr-xr-x. 19 root root 268 Aug 20 22:20
sudo systemctl status elasticsearch.service -l
● elasticsearch.service - Elasticsearch
Loaded: loaded (/usr/lib/systemd/system/elasticsearch.service; enabled; vendor preset: disabled)
Active: active (running) since Mon 2019-09-09 18:09:42 PDT; 1h 38min ago
Docs: http://www.elastic.co
Main PID: 1431 (java)
CGroup: /system.slice/elasticsearch.service
├─1431 /bin/java -Xms1g -Xmx1g -XX:+UseConcMarkSweepGC -XX:CMSInitiatingOccupancyFraction=75 -XX:+UseCMSInitiatingOccupancyOnly -Des.networkaddress.cache.ttl=60 -Des.networkaddress.cache.negative.ttl=10 -XX:+AlwaysPreTouch -Xss1m -Djava.awt.headless=true -Dfile.encoding=UTF-8 -Djna.nosys=true -XX:-OmitStackTraceInFastThrow -Dio.netty.noUnsafe=true -Dio.netty.noKeySetOptimization=true -Dio.netty.recycler.maxCapacityPerThread=0 -Dlog4j.shutdownHookEnabled=false -Dlog4j2.disable.jmx=true -Djava.io.tmpdir=/tmp/elasticsearch-8129687830883605587 -XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath=/var/lib/elasticsearch -XX:ErrorFile=/var/log/elasticsearch/hs_err_pid%p.log -XX:+PrintGCDetails -XX:+PrintGCDateStamps -XX:+PrintTenuringDistribution -XX:+PrintGCApplicationStoppedTime -Xloggc:/var/log/elasticsearch/gc.log -XX:+UseGCLogFileRotation -XX:NumberOfGCLogFiles=32 -XX:GCLogFileSize=64m -Des.path.home=/usr/share/elasticsearch -Des.path.conf=/etc/elasticsearch -Des.distribution.flavor=default -Des.distribution.type=rpm -cp /usr/share/elasticsearch/lib/* org.elasticsearch.bootstrap.Elasticsearch -p /var/run/elasticsearch/elasticsearch.pid --quiet
└─1929 /usr/share/elasticsearch/modules/x-pack-ml/platform/linux-x86_64/bin/controller
Sep 09 18:09:45 scdl-sduipa-001 elasticsearch[1431]: 2019-09-09 18:09:45,621 main ERROR Null object returned for RollingFile in Appenders.
Sep 09 18:09:45 scdl-sduipa-001 elasticsearch[1431]: 2019-09-09 18:09:45,621 main ERROR Null object returned for RollingFile in Appenders.
Sep 09 18:09:45 scdl-sduipa-001 elasticsearch[1431]: 2019-09-09 18:09:45,621 main ERROR Null object returned for RollingFile in Appenders.
Sep 09 18:09:45 scdl-sduipa-001 elasticsearch[1431]: 2019-09-09 18:09:45,621 main ERROR Null object returned for RollingFile in Appenders.
Sep 09 18:09:45 scdl-sduipa-001 elasticsearch[1431]: 2019-09-09 18:09:45,622 main ERROR Unable to locate appender "rolling" for logger config "root"
Sep 09 18:09:45 scdl-sduipa-001 elasticsearch[1431]: 2019-09-09 18:09:45,623 main ERROR Unable to locate appender "index_indexing_slowlog_rolling" for logger config "index.indexing.slowlog.index"
Sep 09 18:09:45 scdl-sduipa-001 elasticsearch[1431]: 2019-09-09 18:09:45,623 main ERROR Unable to locate appender "audit_rolling" for logger config "org.elasticsearch.xpack.security.audit.logfile.LoggingAuditTrail"
Sep 09 18:09:45 scdl-sduipa-001 elasticsearch[1431]: 2019-09-09 18:09:45,623 main ERROR Unable to locate appender "index_search_slowlog_rolling" for logger config "index.search.slowlog"
Sep 09 18:09:45 scdl-sduipa-001 elasticsearch[1431]: 2019-09-09 18:09:45,629 main ERROR Unable to locate appender "deprecated_audit_rolling" for logger config "org.elasticsearch.xpack.security.audit.logfile.DeprecatedLoggingAuditTrail"
Sep 09 18:09:45 scdl-sduipa-001 elasticsearch[1431]: 2019-09-09 18:09:45,629 main ERROR Unable to locate appender "deprecation_rolling" for logger config "org.elasticsearch.deprecation"