Hello,
I don’t know how to store the input logs in another directory. Is it possible to do this ? May i miss it in the documentation ?
PS : I installed graylog manually
In any case thanks you by advance for your answer and time.
All log messages are indexed into Elasticsearch.
You’ll have to change the data path of your Elasticsearch nodes.
https://www.elastic.co/guide/en/elasticsearch/reference/5.6/important-settings.html#path-settings
thanks you Jochen.
I changed the path.data directory like this in /etc/elasticsearch/elasticsearch.yml :
# ----------------------------------- Paths ------------------------------------
#
# Path to directory where to store the data (separate multiple locations by comma):
#
#path.data: /var/elasticsearch/data
#path:
data: "/var/elasticsearch/data"
#logs: "/var/elasticsearch/logs"
#
# Path to log files:
#
#path.logs: /var/elasticsearch/logs
But i have and error :
service elasticsearch status
Active: failed (Result: exit-code) since jeu. 2018-06-07 10:16:21 CEST; 28min ago
Docs: http://www.elastic.co
Process: 6608 ExecStart=/usr/share/elasticsearch/bin/elasticsearch -p ${PID_DIR}/elasticsearch.pid --quiet -Edefault.path.logs=${LOG_DIR} -Edefault.path.data=${DATA_DIR} -Edefault.path.conf=${CONF_DIR} (code=exited, status=1/FAILURE)
Process: 6607 ExecStartPre=/usr/share/elasticsearch/bin/elasticsearch-systemd-pre-exec (code=exited, status=0/SUCCESS)
Main PID: 6608 (code=exited, status=1/FAILURE)
In the log /var/log/elasticsearch/elasticsearch-2018-06-06.log i got this
[WARN ][o.e.b.ElasticsearchUncaughtExceptionHandler] [] uncaught exception in thread [main]
org.elasticsearch.bootstrap.StartupException: java.lang.IllegalStateException: Unable to access 'path.data' (/var/elasticsearch/data)
I also found in this forum an solution but i don’t know how to proceed :
That configuration file is incorrect. Either use path.data or the split up hierarchical version, but only data won’t work.
The data path has to be writable for the system user running Elasticsearch.
You can check the file system permissions with the following command:
# namei -l /var/elasticsearch/data
Hello again,
I’m sorry i don’t understand your precedent post. Can you post an valid configuration of the /etc/elasticsearch/elasticsearch.yml ? Please
Re,
i did this and it seems to work :
In the config file /etc/init.d/elasticsearch/elasticsearch.yml i modified like this :
DATA_DIR="/var/elasticsearch/data"
LOG_DIR="/var/elasticsearch/logs"
In the config file /etc/elasticsearch i modified like this :
# ----------------------------------- Paths ------------------------------------
#
# Path to directory where to store the data (separate multiple locations by com$
#
path.data: ${DATA_DIR}
path.logs: ${LOG_DIR}
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.