Log Setup for Elasticsearch 2.3.3

Update the configuration file /etc/elasticsearch/logging.yml to customize the logging format and behavior for ES 2.3.3.

  1. The log directory has the needed ownership in its default location. Move the log directory to a separate, dedicated partition of ample size, and make the elasticsearch user the owner of that directory:

    chown -R elasticsearch:elasticsearch <path_to_log_directory>
  2. Best practice: turn off log4j's built-in rotation and use logrotate instead, which provides better archiving and compression.

    1. Edit the logging.yml to limit the amount of space consumed by Elasticsearch log files in the event of an extremely high rate of error logging.
      Locate the file: section and make these changes:

      Before

      file:
        type: dailyRollingFile
        file: ${path.logs}/${cluster.name}.log
        datePattern: "'.'yyyy-MM-dd"
        ...

      After

      file:
        type: rollingFile                # change from dailyRollingFile
        maxBackupIndex: 0
        maxFileSize: 1000000000          # 1 GB
        file: ${path.logs}/${cluster.name}.log
        # datePattern: "'.'yyyy-MM-dd"   # remove
        ...
    2. Repeat for the deprecation and slowlog log files, as appropriate:
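
For the logrotate half of step 2, a sample rotation policy is sketched here. It is an added example, not part of the original page or DataCore's documentation. The file name, the /var/log/elasticsearch path, and the retention values are assumptions; substitute the log directory chosen in step 1.

```conf
# /etc/logrotate.d/elasticsearch   (assumed file name)
# Assumed log directory: replace with the directory from step 1.
/var/log/elasticsearch/*.log {
    # Rotate once a day and keep two weeks of history (assumed retention).
    daily
    rotate 14
    dateext

    # Elasticsearch keeps its log files open and is not signalled to reopen
    # them, so copy the file and truncate it in place rather than renaming it.
    # Lines written between the copy and the truncate can be lost.
    copytruncate

    # gzip rotated files, but leave the most recent rotation uncompressed
    # so it stays easy to grep during an investigation.
    compress
    delaycompress

    # Do not fail on a missing file and do not rotate empty files.
    missingok
    notifempty

    # Run the rotation as the directory owner set by the chown in step 1.
    su elasticsearch elasticsearch
}
```

With `maxBackupIndex: 0` and `maxFileSize` still set in logging.yml, log4j keeps acting as a hard cap on a single file between logrotate runs, so a burst of error logging cannot fill the partition before the next daily rotation.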

© DataCore Software Corporation. · https://www.datacore.com · All rights reserved.