Logs and logging

edit

Logs and logging

edit

Documentation

edit

Learn about Enterprise Search logs and logging within the following documentation:

Known issues

edit

The following known issues affect Enterprise Search logs and logging:

  • Deployments may run out of memory if log_level:debug is enabled.

    This issue is known to affect Enterprise Search versions 8.5.1, 8.5.2, 8.5.3, and 8.6.0. This affects deployments with less than 4GB RAM. This issue does not affect Enterprise Search 8.6.0 running in a 4GB+ deployment.

    The easiest way to avoid this issue is to run Enterprise Search in a deployment with 4GB+ RAM. A workaround is to avoid leaving the log_level:debug setting enabled for Enterprise Search for an extended period of time.

  • (Fixed 8.5.3) Deployments do not collect Enterprise Search logs when using Docker images

    This issue is known to affect Enterprise Search versions 8.5.0, 8.5.1, and 8.5.2. A fix for this issue is expected in 8.5.3.

    The issue affects deployments using Elastic Cloud, Elastic Cloud Enterprise, and Elastic Cloud on Kubernetes. It also affects self-managed deployments using Docker images. The issue does not affect self-managed deployments using packages.

    Affected deployments do not collect analytics, API logs, and other Enterprise Search logs.

  • (Fixed 8.5.3) Deployments do not collect Enterprise Search logs when using Enterprise Search service account tokens

    This issue is known to affect Enterprise Search versions 8.5.0, 8.5.1, and 8.5.2. A fix for this issue is expected in 8.5.3.

    The issue affects self-managed deployments that have configured Enterprise Search to connect to Elasticsearch using the Enterprise Search service account token (elasticsearch.service_account_token).

    Affected deployments do not collect analytics, API logs, and other Enterprise Search logs.

    Affected deployments can work around this issue by additionally configuring a username and password to connect to Elasticsearch (elasticsearch.username) and (elasticsearch.password). These credentials will be used to ingest analytics, logs, and metrics data. Other Enterprise Search processes will continue to use the service account token.