Hey Guys,

Just noticed that logging on one of my light forwarders is taking up a lot of space:

myhost[05:15 PM]root:/opt/splunk/var/log/splunk# ls -lh

total 113M

116K -rw------- 1 root root 111K May 6 17:10 audit.log
0 -rw------- 1 root root 0 Apr 26 15:13 btool.log
4.0K -rw------- 1 root root 61 Apr 26 15:13 first_install.log
0 -rw------- 1 root root 0 Apr 26 15:31 intentions.log
12K -rw------- 1 root root 9.5K May 6 17:10 license_audit.log
15M -rw------- 1 root root 15M May 6 17:15 metrics.log
24M -rw------- 1 root root 24M May 5 10:12 metrics.log.1
24M -rw------- 1 root root 24M May 3 05:22 metrics.log.2
24M -rw------- 1 root root 24M May 1 00:30 metrics.log.3
24M -rw------- 1 root root 24M Apr 28 19:48 metrics.log.4
0 -rw------- 1 root root 0 Apr 26 15:31 scheduler.log
0 -rw------- 1 root root 0 Apr 26 15:31 searches.log
0 -rw------- 1 root root 0 Apr 26 15:31 searchhistory.log
2.0M -rw------- 1 root root 2.0M May 6 17:10 splunkd.log
556K -rw------- 1 root root 551K May 6 17:10 splunkd_access.log
4.0K -rw------- 1 root root 110 May 6 17:09 splunkd_stderr.log
0 -rw------- 1 root root 0 Apr 26 15:31 splunkd_stdout.log
0 -rw------- 1 root root 0 Apr 26 15:31 splunklogger.log
36K -rw------- 1 root root 33K Apr 26 15:36 web_access.log
20K -rw------- 1 root root 19K Apr 26 15:36 web_service.log

I don't care too much for these logs since I simply want light forwarder to forward system and application logs to my central log servers.

Anyway to fix this?

Let me know.

Thanks.

B