Where does elasticsearch writes the logs when run in service

Elastic Stack Elasticsearch
1

Hi all,

I wanted to know where does elasticsearch writes the log when run as service.
I tried starting the elasticsearch as service and it fails. Theres no data in /var/log/elasticsearch/elasticsearch.log

[root@sample test]# service elasticsearch status
ā— elasticsearch.service - Elasticsearch
   Loaded: loaded (/usr/lib/systemd/system/elasticsearch.service; enabled; vendo                                    r preset: disabled)
   Active: failed (Result: exit-code) since Fri 2018-01-26 02:51:38 EST; 1h 16mi                                    n ago
     Docs: http://www.elastic.co
  Process: 32581 ExecStart=/usr/share/elasticsearch/bin/elasticsearch -p ${PID_D                                    IR}/elasticsearch.pid --quiet (code=exited, status=1/FAILURE)
 Main PID: 32581 (code=exited, status=1/FAILURE)

Jan 26 02:51:38 sample elasticsearch[32581]: ^
Jan 26 02:51:38 sample elasticsearch[32581]: at [Source: sun.ni...
Jan 26 02:51:38 sample elasticsearch[32581]: in 'reader', line ...
Jan 26 02:51:38 sample elasticsearch[32581]: network.host: 142....
Jan 26 02:51:38 sample elasticsearch[32581]: ^
Jan 26 02:51:38 sample [32581]: ];
Jan 26 02:51:38 sample elasticsearch[32581]: at org.elasticsear...
Jan 26 02:51:38 sample systemd[1]: elasticsearch.service: main...E
Jan 26 02:51:38 sample systemd[1]: Unit elasticsearch.service ....
Jan 26 02:51:38 sample[1]: elasticsearch.service failed.
Hint: Some lines were ellipsized, use -l to show in full.
[root@test]#

I would like to know why my service failed to start, thuss i am looking to some sort of log file for me to debug

2

Please don't post images of text as they are hardly readable and not searchable.

Instead paste the text and format it with </> icon. Check the preview window.

If you upgraded the kernel recently, that might be the cause.

3

Done formatting.

where excatly can i found this lines of log?

Jan 26 02:51:38 sample elasticsearch[32581]: ^
Jan 26 02:51:38 sample elasticsearch[32581]: at [Source: sun.ni...
Jan 26 02:51:38 sample elasticsearch[32581]: in 'reader', line ...
Jan 26 02:51:38 sample elasticsearch[32581]: network.host: 142....
Jan 26 02:51:38 sample elasticsearch[32581]: ^
4

Sounds like your elasticsearch.yml config file has a bad format.

5

I've checked my elasticsearch yml file and verify it with http://www.yamllint.com/
and its all fine

6

I think the problem is within here

#
# ----------------------------------- Paths ------------------------------------
#
# Path to directory where to store the data (separate multiple locations by comma):
#
 path.data: /var/lib/elasticsearch
#
# Path to log files:
#
 path.logs: /var/log/elasticsearch
#
# ----------------------------------- Memory -----------------------------------

I just remove the space before path.data & path.logs and its now working.

Btw, thank you dadoonet :slight_smile:

7

Glad you solve it. Indeed yaml format is a bit strict. :slight_smile: