Hi
I have noticed that index grew almost 100Gb/day, remaining the almost similar overall message count
How can i find/anaylze which log files have change their size recently ?
unfortunately you can’t order by size.
do a search 
under source you can check the top sources, after search, and check the incoming log messages.
Or you can try with elasticdump, and some linux cli tricks you can do it.
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.