admin/LogPatternExtractor
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Первый запуск

Browse Source
This commit is contained in:
KuzarinM
2026-05-02 18:33:38 +03:00
commit cb55eaef01
51 changed files with 2127373 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

443
Resources/test/container-4l4be6.log Normal file
View File

@@ -0,0 +1,443 @@
Created elasticsearch keystore in /usr/share/elasticsearch/config/elasticsearch.keystore
{"@timestamp":"2026-03-17T06:42:42.248Z", "log.level": "INFO", "message":"version[9.1.3], pid[207], build[docker/0c781091a2f57de895a73a1391ff8426c0153c8d/2025-08-24T22:05:04.526302670Z], OS[Linux/5.15.0-171-generic/amd64], JVM[Oracle Corporation/OpenJDK 64-Bit Server VM/24.0.2/24.0.2+12-54]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.bootstrap.Elasticsearch","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:42:42.874Z", "log.level": "INFO", "message":"JVM home [/usr/share/elasticsearch/jdk], using bundled JDK [true]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.bootstrap.Elasticsearch","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:42:42.874Z", "log.level": "INFO", "message":"JVM arguments [-Des.networkaddress.cache.ttl=60, -Des.networkaddress.cache.negative.ttl=10, -XX:+AlwaysPreTouch, -Xss1m, -Djava.awt.headless=true, -Dfile.encoding=UTF-8, -Djna.nosys=true, -XX:-OmitStackTraceInFastThrow, -Dio.netty.noUnsafe=true, -Dio.netty.noKeySetOptimization=true, -Dio.netty.recycler.maxCapacityPerThread=0, --add-opens=org.apache.lucene.core/org.apache.lucene.codecs.lucene99=org.elasticsearch.server, --add-opens=org.apache.lucene.backward_codecs/org.apache.lucene.backward_codecs.lucene90=org.elasticsearch.server, --add-opens=org.apache.lucene.backward_codecs/org.apache.lucene.backward_codecs.lucene91=org.elasticsearch.server, --add-opens=org.apache.lucene.backward_codecs/org.apache.lucene.backward_codecs.lucene92=org.elasticsearch.server, --add-opens=org.apache.lucene.backward_codecs/org.apache.lucene.backward_codecs.lucene94=org.elasticsearch.server, --add-opens=org.apache.lucene.backward_codecs/org.apache.lucene.backward_codecs.lucene95=org.elasticsearch.server, -Dlog4j.shutdownHookEnabled=false, -Dlog4j2.disable.jmx=true, -Dlog4j2.formatMsgNoLookups=true, -Djava.locale.providers=CLDR, -Dorg.apache.lucene.vectorization.upperJavaFeatureVersion=24, -Des.path.home=/usr/share/elasticsearch, -Des.distribution.type=docker, -Des.java.type=bundled JDK, --enable-native-access=org.elasticsearch.nativeaccess,org.apache.lucene.core, --enable-native-access=ALL-UNNAMED, --illegal-native-access=deny, -Des.cgroups.hierarchy.override=/, -XX:ReplayDataFile=logs/replay_pid%p.log, -Des.entitlements.enabled=true, -XX:+EnableDynamicAgentLoading, -Djdk.attach.allowAttachSelf=true, --patch-module=java.base=/usr/share/elasticsearch/lib/entitlement-bridge/elasticsearch-entitlement-bridge-9.1.3.jar, --add-exports=java.base/org.elasticsearch.entitlement.bridge=org.elasticsearch.entitlement,java.logging,java.net.http,java.naming,jdk.net, -XX:+UseG1GC, -Djava.io.tmpdir=/tmp/elasticsearch-3690222037432936732, --add-modules=jdk.incubator.vector, -Dorg.apache.lucene.store.defaultReadAdvice=normal, -XX:+HeapDumpOnOutOfMemoryError, -XX:+ExitOnOutOfMemoryError, -XX:ErrorFile=hs_err_pid%p.log, -Xlog:gc*,gc+age=trace,safepoint:file=gc.log:utctime,level,pid,tags:filecount=32,filesize=64m, -Xms512m, -Xmx512m, -XX:MaxDirectMemorySize=268435456, -XX:G1HeapRegionSize=4m, -XX:InitiatingHeapOccupancyPercent=30, -XX:G1ReservePercent=15, --module-path=/usr/share/elasticsearch/lib, --add-modules=jdk.net, --add-modules=jdk.management.agent, --add-modules=ALL-MODULE-PATH, -Djdk.module.main=org.elasticsearch.server]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.bootstrap.Elasticsearch","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:42:42.875Z", "log.level": "INFO", "message":"Default Locale [en_US]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.bootstrap.Elasticsearch","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:42:55.496Z", "log.level": "INFO", "message":"vec_caps=1", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.nativeaccess.jdk.JdkVectorLibrary","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:42:55.499Z", "log.level": "INFO", "message":"Using native vector library; to disable start with -Dorg.elasticsearch.nativeaccess.enableVectorLibrary=false", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.nativeaccess.NativeAccess","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:42:55.519Z", "log.level": "INFO", "message":"Using [jdk] native provider and native methods for [Linux]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.nativeaccess.NativeAccess","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:42:55.808Z", "log.level": "WARN", "message":"Unable to lock JVM Memory: error=12, reason=Cannot allocate memory", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.nativeaccess.NativeAccess","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:42:55.808Z", "log.level": "WARN", "message":"This can result in part of the JVM being swapped out.", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.nativeaccess.NativeAccess","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:42:55.808Z", "log.level": "WARN", "message":"Increase RLIMIT_MEMLOCK, soft limit: 65536, hard limit: 65536", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.nativeaccess.NativeAccess","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:42:55.808Z", "log.level": "WARN", "message":"These can be adjusted by modifying /etc/security/limits.conf, for example:\n\t# allow user 'elasticsearch' mlockall\n\telasticsearch soft memlock unlimited\n\telasticsearch hard memlock unlimited", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.nativeaccess.NativeAccess","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:42:55.808Z", "log.level": "WARN", "message":"If you are logged in interactively, you will have to re-login for the new limits to take effect.", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.nativeaccess.NativeAccess","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:43:02.108Z", "log.level": "INFO", "message":"Java vector incubator API enabled; uses preferredBitSize=256; FMA enabled", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.apache.lucene.internal.vectorization.PanamaVectorizationProvider","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:43:04.225Z", "log.level": "INFO", "message":"Bootstrapping Entitlements", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.bootstrap.Elasticsearch","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:19.893Z", "log.level": "INFO", "message":"loaded module [repository-url]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:19.893Z", "log.level": "INFO", "message":"loaded module [rest-root]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:19.893Z", "log.level": "INFO", "message":"loaded module [x-pack-core]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:19.894Z", "log.level": "INFO", "message":"loaded module [x-pack-redact]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:19.894Z", "log.level": "INFO", "message":"loaded module [ingest-user-agent]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:19.894Z", "log.level": "INFO", "message":"loaded module [x-pack-async-search]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:19.894Z", "log.level": "INFO", "message":"loaded module [x-pack-monitoring]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:19.894Z", "log.level": "INFO", "message":"loaded module [repository-s3]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:19.894Z", "log.level": "INFO", "message":"loaded module [x-pack-esql-core]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:19.894Z", "log.level": "INFO", "message":"loaded module [x-pack-analytics]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:19.895Z", "log.level": "INFO", "message":"loaded module [search-business-rules]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:19.895Z", "log.level": "INFO", "message":"loaded module [x-pack-ent-search]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:19.895Z", "log.level": "INFO", "message":"loaded module [x-pack-autoscaling]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:19.895Z", "log.level": "INFO", "message":"loaded module [lang-painless]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:19.895Z", "log.level": "INFO", "message":"loaded module [x-pack-ml]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:19.895Z", "log.level": "INFO", "message":"loaded module [lang-mustache]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:19.895Z", "log.level": "INFO", "message":"loaded module [legacy-geo]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:19.896Z", "log.level": "INFO", "message":"loaded module [logsdb]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:19.896Z", "log.level": "INFO", "message":"loaded module [x-pack-ql]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:19.896Z", "log.level": "INFO", "message":"loaded module [rank-rrf]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:19.896Z", "log.level": "INFO", "message":"loaded module [analysis-common]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:19.896Z", "log.level": "INFO", "message":"loaded module [health-shards-availability]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:19.897Z", "log.level": "INFO", "message":"loaded module [transport-netty4]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:19.897Z", "log.level": "INFO", "message":"loaded module [aggregations]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:19.897Z", "log.level": "INFO", "message":"loaded module [ingest-common]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:19.897Z", "log.level": "INFO", "message":"loaded module [x-pack-identity-provider]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:19.898Z", "log.level": "INFO", "message":"loaded module [frozen-indices]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:19.898Z", "log.level": "INFO", "message":"loaded module [x-pack-text-structure]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:19.898Z", "log.level": "INFO", "message":"loaded module [x-pack-shutdown]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:19.898Z", "log.level": "INFO", "message":"loaded module [snapshot-repo-test-kit]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:19.898Z", "log.level": "INFO", "message":"loaded module [ml-package-loader]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:19.898Z", "log.level": "INFO", "message":"loaded module [kibana]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:19.898Z", "log.level": "INFO", "message":"loaded module [constant-keyword]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:19.898Z", "log.level": "INFO", "message":"loaded module [x-pack-logstash]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:19.898Z", "log.level": "INFO", "message":"loaded module [x-pack-ccr]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:19.911Z", "log.level": "INFO", "message":"loaded module [x-pack-graph]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:19.911Z", "log.level": "INFO", "message":"loaded module [rank-vectors]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:19.911Z", "log.level": "INFO", "message":"loaded module [x-pack-esql]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:19.911Z", "log.level": "INFO", "message":"loaded module [parent-join]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:19.911Z", "log.level": "INFO", "message":"loaded module [counted-keyword]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:19.911Z", "log.level": "INFO", "message":"loaded module [x-pack-enrich]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:19.911Z", "log.level": "INFO", "message":"loaded module [repositories-metering-api]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:19.912Z", "log.level": "INFO", "message":"loaded module [transform]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:19.912Z", "log.level": "INFO", "message":"loaded module [repository-azure]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:19.912Z", "log.level": "INFO", "message":"loaded module [dot-prefix-validation]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:19.912Z", "log.level": "INFO", "message":"loaded module [repository-gcs]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:19.912Z", "log.level": "INFO", "message":"loaded module [spatial]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:19.912Z", "log.level": "INFO", "message":"loaded module [x-pack-otel-data]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:19.912Z", "log.level": "INFO", "message":"loaded module [mapper-version]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:19.912Z", "log.level": "INFO", "message":"loaded module [apm]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:19.912Z", "log.level": "INFO", "message":"loaded module [mapper-extras]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:19.912Z", "log.level": "INFO", "message":"loaded module [x-pack-rollup]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:19.912Z", "log.level": "INFO", "message":"loaded module [percolator]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:19.912Z", "log.level": "INFO", "message":"loaded module [x-pack-migrate]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:19.912Z", "log.level": "INFO", "message":"loaded module [x-pack-stack]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:19.912Z", "log.level": "INFO", "message":"loaded module [data-streams]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:19.912Z", "log.level": "INFO", "message":"loaded module [rank-eval]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:19.913Z", "log.level": "INFO", "message":"loaded module [reindex]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:19.913Z", "log.level": "INFO", "message":"loaded module [streams]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:19.913Z", "log.level": "INFO", "message":"loaded module [x-pack-security]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:19.913Z", "log.level": "INFO", "message":"loaded module [blob-cache]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:19.913Z", "log.level": "INFO", "message":"loaded module [searchable-snapshots]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:19.913Z", "log.level": "INFO", "message":"loaded module [x-pack-slm]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:19.913Z", "log.level": "INFO", "message":"loaded module [x-pack-geoip-enterprise-downloader]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:19.913Z", "log.level": "INFO", "message":"loaded module [snapshot-based-recoveries]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:19.913Z", "log.level": "INFO", "message":"loaded module [x-pack-watcher]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:19.914Z", "log.level": "INFO", "message":"loaded module [old-lucene-versions]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:19.914Z", "log.level": "INFO", "message":"loaded module [x-pack-ilm]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:19.914Z", "log.level": "INFO", "message":"loaded module [x-pack-inference]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:19.914Z", "log.level": "INFO", "message":"loaded module [x-pack-voting-only-node]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:19.914Z", "log.level": "INFO", "message":"loaded module [x-pack-deprecation]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:19.914Z", "log.level": "INFO", "message":"loaded module [x-pack-fleet]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:19.914Z", "log.level": "INFO", "message":"loaded module [x-pack-profiling]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:19.915Z", "log.level": "INFO", "message":"loaded module [x-pack-aggregate-metric]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:19.915Z", "log.level": "INFO", "message":"loaded module [x-pack-downsample]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:19.915Z", "log.level": "INFO", "message":"loaded module [ingest-geoip]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:19.915Z", "log.level": "INFO", "message":"loaded module [x-pack-write-load-forecaster]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:19.915Z", "log.level": "INFO", "message":"loaded module [ingest-attachment]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:19.915Z", "log.level": "INFO", "message":"loaded module [wildcard]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:19.915Z", "log.level": "INFO", "message":"loaded module [x-pack-apm-data]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:19.915Z", "log.level": "INFO", "message":"loaded module [unsigned-long]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:19.916Z", "log.level": "INFO", "message":"loaded module [x-pack-sql]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:19.916Z", "log.level": "INFO", "message":"loaded module [x-pack-async]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:19.916Z", "log.level": "INFO", "message":"loaded module [runtime-fields-common]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:19.916Z", "log.level": "INFO", "message":"loaded module [vector-tile]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:19.916Z", "log.level": "INFO", "message":"loaded module [x-pack-kql]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:19.916Z", "log.level": "INFO", "message":"loaded module [lang-expression]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:19.916Z", "log.level": "INFO", "message":"loaded module [ingest-otel]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:19.916Z", "log.level": "INFO", "message":"loaded module [x-pack-eql]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.plugins.PluginsService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:24.266Z", "log.level": "WARN", "message":"SLF4J: No SLF4J providers were found.", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"stderr","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:24.266Z", "log.level": "WARN", "message":"SLF4J: Defaulting to no-operation (NOP) logger implementation", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"stderr","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:24.267Z", "log.level": "WARN", "message":"SLF4J: See https://www.slf4j.org/codes.html#noProviders for further details.", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"stderr","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:46.682Z", "log.level": "INFO", "message":"using [1] data paths, mounts [[/usr/share/elasticsearch/data (/dev/sda1)]], net usable_space [305.8gb], net total_space [379.9gb], types [ext4]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.env.NodeEnvironment","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:45:46.682Z", "log.level": "INFO", "message":"heap size [512mb], compressed ordinary object pointers [true]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.env.NodeEnvironment","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:46:01.088Z", "log.level": "INFO", "message":"node name [elasticsearch-v1-0], node ID [4r97erugRcmusrLKQuzJig], cluster name [docker-cluster], roles [data_content, data_warm, master, remote_cluster_client, data, data_cold, ingest, data_frozen, ml, data_hot, transform]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.node.Node","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:46:44.527Z", "log.level": "INFO", "message":"Registered local node features [ES_V_8, ES_V_9, cluster.reroute.ignores_metric_param, cluster.stats.source_modes, data_stream.failure_store, linear_retriever_supported, lucene_10_1_upgrade, lucene_10_upgrade, security.queryable_built_in_roles, simulate.ignored.fields, snapshots.get.state_parameter]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.features.FeatureService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:46:45.073Z", "log.level": "INFO", "message":"using rate limit [40mb] with [default=40mb, read=0b, write=0b, max=0b]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.indices.recovery.RecoverySettings","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:46:46.070Z", "log.level": "INFO", "message":"Updated global default retention to [null]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.cluster.metadata.DataStreamGlobalRetentionSettings","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:46:46.071Z", "log.level": "INFO", "message":"Updated global max retention to [null]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.cluster.metadata.DataStreamGlobalRetentionSettings","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:46:46.071Z", "log.level": "INFO", "message":"Updated failures default retention to [30d]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.cluster.metadata.DataStreamGlobalRetentionSettings","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:46:46.072Z", "log.level": "INFO", "message":"Updated data stream name patterns for enabling failure store to [[]]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.cluster.metadata.DataStreamFailureStoreSettings","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:46:51.861Z", "log.level": "INFO", "message":"[controller/244] [Main.cc@123] controller (64 bit): Version 9.1.3 (Build 62f2779e1b9e97) Copyright (c) 2025 Elasticsearch BV", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"ml-cpp-log-tail-thread","log.logger":"org.elasticsearch.xpack.ml.process.logging.CppLogMessageHandler","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:47:00.020Z", "log.level": "INFO", "message":"OTel ingest plugin is enabled", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.xpack.oteldata.OTelPlugin","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:47:00.040Z", "log.level": "INFO", "message":"OpenTelemetry index template registry is enabled", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.xpack.core.template.YamlTemplateRegistry","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:47:00.043Z", "log.level": "INFO", "message":"Sending apm metrics is disabled", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.telemetry.apm.APM","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:47:00.043Z", "log.level": "INFO", "message":"Sending apm tracing is disabled", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.telemetry.apm.APM","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:47:00.440Z", "log.level": "INFO", "message":"Security is enabled", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.xpack.security.Security","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:47:01.436Z", "log.level": "INFO", "message":"parsed [0] roles from file [/usr/share/elasticsearch/config/roles.yml]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.xpack.security.authz.store.FileRolesStore","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:47:04.075Z", "log.level": "INFO", "message":"Watcher initialized components at 2026-03-17T06:47:04.074Z", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.xpack.watcher.Watcher","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:47:05.321Z", "log.level": "INFO", "message":"Profiling is enabled", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.xpack.profiling.ProfilingPlugin","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:47:05.501Z", "log.level": "INFO", "message":"profiling index templates will not be installed or reinstalled", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.xpack.profiling.ProfilingPlugin","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:47:05.560Z", "log.level": "INFO", "message":"APM ingest plugin is enabled", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.xpack.apmdata.APMPlugin","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:47:05.584Z", "log.level": "INFO", "message":"apm index template registry is enabled", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.xpack.core.template.YamlTemplateRegistry","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:47:12.486Z", "log.level": "INFO", "message":"creating NettyAllocator with the following configs: [name=unpooled, suggested_max_allocation_size=1mb, factors={es.unsafe.use_unpooled_allocator=null, g1gc_enabled=true, g1gc_region_size=4mb, heap_size=512mb}]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.transport.netty4.NettyAllocator","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:47:13.129Z", "log.level": "INFO", "message":"using discovery type [single-node] and seed hosts providers [settings]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.discovery.DiscoveryModule","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:47:16.520Z", "log.level": "INFO", "message":"initialized", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.node.Node","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:47:16.521Z", "log.level": "INFO", "message":"starting ...", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.node.Node","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:47:25.376Z", "log.level": "INFO", "message":"failed to obtain region from default provider chain", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.repositories.s3.S3RepositoryPlugin","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster","error.type":"software.amazon.awssdk.core.exception.SdkClientException","error.message":"Unable to load region from any of the providers in the chain software.amazon.awssdk.regions.providers.DefaultAwsRegionProviderChain@7f328c5e: [software.amazon.awssdk.regions.providers.SystemSettingsRegionProvider@7a843a7a: Unable to load region from system settings. Region must be specified either via environment variable (AWS_REGION) or system property (aws.region)., software.amazon.awssdk.regions.providers.AwsProfileRegionProvider@52cf8bcb: No region provided in profile: default, software.amazon.awssdk.regions.providers.InstanceProfileRegionProvider@2b4a3383: Unable to contact EC2 metadata service.]","error.stack_trace":"software.amazon.awssdk.core.exception.SdkClientException: Unable to load region from any of the providers in the chain software.amazon.awssdk.regions.providers.DefaultAwsRegionProviderChain@7f328c5e: [software.amazon.awssdk.regions.providers.SystemSettingsRegionProvider@7a843a7a: Unable to load region from system settings. Region must be specified either via environment variable (AWS_REGION) or system property (aws.region)., software.amazon.awssdk.regions.providers.AwsProfileRegionProvider@52cf8bcb: No region provided in profile: default, software.amazon.awssdk.regions.providers.InstanceProfileRegionProvider@2b4a3383: Unable to contact EC2 metadata service.]\n\tat software.amazon.awssdk.core.exception.SdkClientException$BuilderImpl.build(SdkClientException.java:130)\n\tat software.amazon.awssdk.regions.providers.AwsRegionProviderChain.getRegion(AwsRegionProviderChain.java:70)\n\tat org.elasticsearch.repositories.s3.S3RepositoryPlugin.getDefaultRegion(S3RepositoryPlugin.java:102)\n\tat org.elasticsearch.repositories.s3.S3Service.lambda$new$0(S3Service.java:132)\n\tat org.elasticsearch.server@9.1.3/org.elasticsearch.common.util.concurrent.RunOnce.run(RunOnce.java:41)\n\tat org.elasticsearch.repositories.s3.S3Service.doStart(S3Service.java:418)\n\tat org.elasticsearch.server@9.1.3/org.elasticsearch.common.component.AbstractLifecycleComponent.start(AbstractLifecycleComponent.java:51)\n\tat java.base/java.lang.Iterable.forEach(Iterable.java:75)\n\tat org.elasticsearch.server@9.1.3/org.elasticsearch.node.Node.start(Node.java:278)\n\tat org.elasticsearch.server@9.1.3/org.elasticsearch.bootstrap.Elasticsearch.start(Elasticsearch.java:620)\n\tat org.elasticsearch.server@9.1.3/org.elasticsearch.bootstrap.Elasticsearch.initPhase3(Elasticsearch.java:420)\n\tat org.elasticsearch.server@9.1.3/org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:100)\n"}
{"@timestamp":"2026-03-17T06:47:26.333Z", "log.level": "INFO", "message":"persistent cache index loaded", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.xpack.searchablesnapshots.cache.full.PersistentCache","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:47:26.333Z", "log.level": "INFO", "message":"deprecation component started", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.xpack.deprecation.logging.DeprecationIndexingComponent","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:47:26.464Z", "log.level": "INFO", "message":"publish_address {10.233.94.93:9300}, bound_addresses {[::]:9300}", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.transport.TransportService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:47:28.749Z", "log.level": "WARN", "message":"memory locking requested for elasticsearch process but memory is not locked; for more information see [https://www.elastic.co/docs/deploy-manage/deploy/self-managed/bootstrap-checks?version=9.1#bootstrap-checks-memory-lock]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.bootstrap.BootstrapChecks","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:47:28.750Z", "log.level": "WARN", "message":"Transport SSL must be enabled if security is enabled. Please set [xpack.security.transport.ssl.enabled] to [true] or disable security by setting [xpack.security.enabled] to [false]; for more information see [https://www.elastic.co/docs/deploy-manage/deploy/self-managed/bootstrap-checks?version=9.1#bootstrap-checks-tls]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.bootstrap.BootstrapChecks","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:47:28.750Z", "log.level": "INFO", "message":"this node is locked into cluster UUID [PPrGLteBTnKZLy4mpgzZ5w] and will not attempt further cluster bootstrapping", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.cluster.coordination.ClusterBootstrapService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:47:29.116Z", "log.level": "INFO", "message":"elected-as-master ([1] nodes joined in term 6)[_FINISH_ELECTION_, {elasticsearch-v1-0}{4r97erugRcmusrLKQuzJig}{3wsvAGx2TgWt5AZT_XeJlw}{elasticsearch-v1-0}{10.233.94.93}{10.233.94.93:9300}{cdfhilmrstw}{9.1.3}{8000099-9033000} completing election], term: 6, version: 19535, delta: master node changed {previous [], current [{elasticsearch-v1-0}{4r97erugRcmusrLKQuzJig}{3wsvAGx2TgWt5AZT_XeJlw}{elasticsearch-v1-0}{10.233.94.93}{10.233.94.93:9300}{cdfhilmrstw}{9.1.3}{8000099-9033000}]}", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.cluster.service.MasterService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:47:29.660Z", "log.level": "INFO", "message":"master node changed {previous [], current [{elasticsearch-v1-0}{4r97erugRcmusrLKQuzJig}{3wsvAGx2TgWt5AZT_XeJlw}{elasticsearch-v1-0}{10.233.94.93}{10.233.94.93:9300}{cdfhilmrstw}{9.1.3}{8000099-9033000}]}, term: 6, version: 19535, reason: Publication{term=6, version=19535}", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][clusterApplierService#updateTask][T#1]","log.logger":"org.elasticsearch.cluster.service.ClusterApplierService","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:47:29.742Z", "log.level": "INFO", "message":"node-join: [{elasticsearch-v1-0}{4r97erugRcmusrLKQuzJig}{3wsvAGx2TgWt5AZT_XeJlw}{elasticsearch-v1-0}{10.233.94.93}{10.233.94.93:9300}{cdfhilmrstw}{9.1.3}{8000099-9033000}] with reason [completing election]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.cluster.coordination.NodeJoinExecutor","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:47:29.747Z", "log.level": "INFO", "message":"license state changed, now [valid]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][generic][T#2]","log.logger":"org.elasticsearch.xpack.writeloadforecaster.LicensedWriteLoadForecaster","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:47:30.427Z", "log.level": "INFO", "message":"publish_address {10.233.94.93:9200}, bound_addresses {[::]:9200}", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.http.AbstractHttpServerTransport","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:47:30.433Z", "log.level": "INFO", "message":"started {elasticsearch-v1-0}{4r97erugRcmusrLKQuzJig}{3wsvAGx2TgWt5AZT_XeJlw}{elasticsearch-v1-0}{10.233.94.93}{10.233.94.93:9300}{cdfhilmrstw}{9.1.3}{8000099-9033000}{ml.config_version=12.0.0, xpack.installed=true, transform.config_version=10.0.0, ml.machine_memory=20967653376, ml.allocated_processors=8, ml.allocated_processors_double=8.0, ml.max_jvm_size=536870912}", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"main","log.logger":"org.elasticsearch.node.Node","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:47:30.599Z", "log.level": "WARN", "message":"Failed to revoke access to default inference endpoint IDs: [elser_model_2, rainbow-sprinkles, rerank-v1, multilingual-embed-v1], error: org.elasticsearch.cluster.block.ClusterBlockException: blocked by: [SERVICE_UNAVAILABLE/1/state not recovered / initialized];", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][inference_utility][T#1]","log.logger":"org.elasticsearch.xpack.inference.services.elastic.authorization.ElasticInferenceServiceAuthorizationHandler","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:47:33.053Z", "log.level": "INFO", "message":"ML legacy indices rolled over", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#1]","log.logger":"org.elasticsearch.xpack.ml.MlIndexRollover","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:47:33.053Z", "log.level": "INFO", "message":"legacy ml anomalies indices rolled over and aliases updated", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#1]","log.logger":"org.elasticsearch.xpack.ml.MlAnomaliesIndexUpdate","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:47:33.078Z", "log.level": "INFO", "message":"license mode is [basic], currently licensed security realms are [reserved/reserved,file/default_file,native/default_native]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][clusterApplierService#updateTask][T#1]","log.logger":"org.elasticsearch.xpack.security.authc.Realms","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:47:33.080Z", "log.level": "INFO", "message":"license [97340a25-3da9-4660-a834-5fe08dd9e1b1] mode [basic] - valid", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][clusterApplierService#updateTask][T#1]","log.logger":"org.elasticsearch.license.ClusterStateLicenseService","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:47:33.082Z", "log.level": "INFO", "message":"starting file watcher ...", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][clusterApplierService#updateTask][T#1]","log.logger":"org.elasticsearch.common.file.AbstractFileWatchingService","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:47:33.084Z", "log.level": "INFO", "message":"file settings service up and running [tid=68]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[file-watcher[/usr/share/elasticsearch/config/operator]]","log.logger":"org.elasticsearch.common.file.AbstractFileWatchingService","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:47:33.085Z", "log.level": "INFO", "message":"setting file [/usr/share/elasticsearch/config/operator/settings.json] not found, initializing [file_settings] as empty", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[file-watcher[/usr/share/elasticsearch/config/operator]]","log.logger":"org.elasticsearch.reservedstate.service.FileSettingsService","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:47:33.093Z", "log.level": "INFO", "message":"recovered [14] indices into cluster_state", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.gateway.GatewayService","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:47:33.107Z", "log.level": "INFO", "message":"license state changed, now [not valid]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.xpack.writeloadforecaster.LicensedWriteLoadForecaster","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:47:41.657Z", "log.level": "INFO", "message":"Node [{elasticsearch-v1-0}{4r97erugRcmusrLKQuzJig}] is selected as the current health node.", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][management][T#2]","log.logger":"org.elasticsearch.health.node.selection.HealthNodeTaskExecutor","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-17T06:47:55.435Z", "log.level": "INFO", "current.health":"YELLOW","message":"Cluster health status changed from [RED] to [YELLOW] (reason: [shards started [[rus-beir-arxiv][0]]]).","previous.health":"RED","reason":"shards started [[rus-beir-arxiv][0]]" , "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][masterService#updateTask][T#1]","log.logger":"org.elasticsearch.cluster.routing.allocation.AllocationService","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-18T01:30:00.002Z", "log.level": "INFO", "message":"starting SLM retention snapshot cleanup task", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][trigger_engine_scheduler][T#1]","log.logger":"org.elasticsearch.xpack.slm.SnapshotRetentionTask","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-18T01:30:00.003Z", "log.level": "INFO", "message":"there are no repositories to fetch, SLM retention snapshot cleanup task complete", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][trigger_engine_scheduler][T#1]","log.logger":"org.elasticsearch.xpack.slm.SnapshotRetentionTask","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-18T01:38:00.000Z", "log.level": "INFO", "message":"triggering scheduled [ML] maintenance tasks", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][generic][T#3]","log.logger":"org.elasticsearch.xpack.ml.MlDailyMaintenanceService","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-18T01:38:00.010Z", "log.level": "INFO", "message":"Deleting expired data", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#1]","log.logger":"org.elasticsearch.xpack.ml.action.TransportDeleteExpiredDataAction","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-18T01:38:00.024Z", "log.level": "INFO", "message":"No writable indices found for unused stats documents", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#2]","log.logger":"org.elasticsearch.xpack.ml.job.retention.UnusedStatsRemover","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-18T01:38:00.024Z", "log.level": "INFO", "message":"Completed deletion of expired ML data", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#2]","log.logger":"org.elasticsearch.xpack.ml.action.TransportDeleteExpiredDataAction","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-18T01:38:00.024Z", "log.level": "INFO", "message":"Successfully completed [ML] maintenance task: triggerDeleteExpiredDataTask", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#2]","log.logger":"org.elasticsearch.xpack.ml.MlDailyMaintenanceService","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-19T01:30:00.000Z", "log.level": "INFO", "message":"starting SLM retention snapshot cleanup task", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][trigger_engine_scheduler][T#1]","log.logger":"org.elasticsearch.xpack.slm.SnapshotRetentionTask","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-19T01:30:00.001Z", "log.level": "INFO", "message":"there are no repositories to fetch, SLM retention snapshot cleanup task complete", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][trigger_engine_scheduler][T#1]","log.logger":"org.elasticsearch.xpack.slm.SnapshotRetentionTask","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-19T01:38:00.000Z", "log.level": "INFO", "message":"triggering scheduled [ML] maintenance tasks", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][generic][T#4]","log.logger":"org.elasticsearch.xpack.ml.MlDailyMaintenanceService","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-19T01:38:00.001Z", "log.level": "INFO", "message":"Deleting expired data", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#2]","log.logger":"org.elasticsearch.xpack.ml.action.TransportDeleteExpiredDataAction","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-19T01:38:00.004Z", "log.level": "INFO", "message":"No writable indices found for unused stats documents", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#1]","log.logger":"org.elasticsearch.xpack.ml.job.retention.UnusedStatsRemover","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-19T01:38:00.004Z", "log.level": "INFO", "message":"Completed deletion of expired ML data", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#1]","log.logger":"org.elasticsearch.xpack.ml.action.TransportDeleteExpiredDataAction","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-19T01:38:00.004Z", "log.level": "INFO", "message":"Successfully completed [ML] maintenance task: triggerDeleteExpiredDataTask", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#1]","log.logger":"org.elasticsearch.xpack.ml.MlDailyMaintenanceService","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-20T01:30:00.000Z", "log.level": "INFO", "message":"starting SLM retention snapshot cleanup task", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][trigger_engine_scheduler][T#1]","log.logger":"org.elasticsearch.xpack.slm.SnapshotRetentionTask","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-20T01:30:00.001Z", "log.level": "INFO", "message":"there are no repositories to fetch, SLM retention snapshot cleanup task complete", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][trigger_engine_scheduler][T#1]","log.logger":"org.elasticsearch.xpack.slm.SnapshotRetentionTask","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-20T01:38:00.000Z", "log.level": "INFO", "message":"triggering scheduled [ML] maintenance tasks", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][generic][T#4]","log.logger":"org.elasticsearch.xpack.ml.MlDailyMaintenanceService","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-20T01:38:00.001Z", "log.level": "INFO", "message":"Deleting expired data", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#2]","log.logger":"org.elasticsearch.xpack.ml.action.TransportDeleteExpiredDataAction","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-20T01:38:00.003Z", "log.level": "INFO", "message":"No writable indices found for unused stats documents", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#1]","log.logger":"org.elasticsearch.xpack.ml.job.retention.UnusedStatsRemover","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-20T01:38:00.003Z", "log.level": "INFO", "message":"Completed deletion of expired ML data", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#1]","log.logger":"org.elasticsearch.xpack.ml.action.TransportDeleteExpiredDataAction","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-20T01:38:00.003Z", "log.level": "INFO", "message":"Successfully completed [ML] maintenance task: triggerDeleteExpiredDataTask", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#1]","log.logger":"org.elasticsearch.xpack.ml.MlDailyMaintenanceService","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-21T01:30:00.000Z", "log.level": "INFO", "message":"starting SLM retention snapshot cleanup task", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][trigger_engine_scheduler][T#1]","log.logger":"org.elasticsearch.xpack.slm.SnapshotRetentionTask","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-21T01:30:00.000Z", "log.level": "INFO", "message":"there are no repositories to fetch, SLM retention snapshot cleanup task complete", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][trigger_engine_scheduler][T#1]","log.logger":"org.elasticsearch.xpack.slm.SnapshotRetentionTask","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-21T01:38:00.000Z", "log.level": "INFO", "message":"triggering scheduled [ML] maintenance tasks", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][generic][T#3]","log.logger":"org.elasticsearch.xpack.ml.MlDailyMaintenanceService","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-21T01:38:00.002Z", "log.level": "INFO", "message":"Deleting expired data", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#1]","log.logger":"org.elasticsearch.xpack.ml.action.TransportDeleteExpiredDataAction","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-21T01:38:00.003Z", "log.level": "INFO", "message":"No writable indices found for unused stats documents", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#2]","log.logger":"org.elasticsearch.xpack.ml.job.retention.UnusedStatsRemover","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-21T01:38:00.004Z", "log.level": "INFO", "message":"Completed deletion of expired ML data", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#2]","log.logger":"org.elasticsearch.xpack.ml.action.TransportDeleteExpiredDataAction","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-21T01:38:00.004Z", "log.level": "INFO", "message":"Successfully completed [ML] maintenance task: triggerDeleteExpiredDataTask", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#2]","log.logger":"org.elasticsearch.xpack.ml.MlDailyMaintenanceService","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-22T01:30:00.001Z", "log.level": "INFO", "message":"starting SLM retention snapshot cleanup task", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][trigger_engine_scheduler][T#1]","log.logger":"org.elasticsearch.xpack.slm.SnapshotRetentionTask","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-22T01:30:00.001Z", "log.level": "INFO", "message":"there are no repositories to fetch, SLM retention snapshot cleanup task complete", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][trigger_engine_scheduler][T#1]","log.logger":"org.elasticsearch.xpack.slm.SnapshotRetentionTask","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-22T01:38:00.000Z", "log.level": "INFO", "message":"triggering scheduled [ML] maintenance tasks", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][generic][T#3]","log.logger":"org.elasticsearch.xpack.ml.MlDailyMaintenanceService","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-22T01:38:00.001Z", "log.level": "INFO", "message":"Deleting expired data", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#1]","log.logger":"org.elasticsearch.xpack.ml.action.TransportDeleteExpiredDataAction","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-22T01:38:00.003Z", "log.level": "INFO", "message":"No writable indices found for unused stats documents", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#2]","log.logger":"org.elasticsearch.xpack.ml.job.retention.UnusedStatsRemover","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-22T01:38:00.003Z", "log.level": "INFO", "message":"Completed deletion of expired ML data", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#2]","log.logger":"org.elasticsearch.xpack.ml.action.TransportDeleteExpiredDataAction","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-22T01:38:00.003Z", "log.level": "INFO", "message":"Successfully completed [ML] maintenance task: triggerDeleteExpiredDataTask", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#2]","log.logger":"org.elasticsearch.xpack.ml.MlDailyMaintenanceService","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-23T01:30:00.001Z", "log.level": "INFO", "message":"starting SLM retention snapshot cleanup task", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][trigger_engine_scheduler][T#1]","log.logger":"org.elasticsearch.xpack.slm.SnapshotRetentionTask","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-23T01:30:00.001Z", "log.level": "INFO", "message":"there are no repositories to fetch, SLM retention snapshot cleanup task complete", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][trigger_engine_scheduler][T#1]","log.logger":"org.elasticsearch.xpack.slm.SnapshotRetentionTask","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-23T01:38:00.000Z", "log.level": "INFO", "message":"triggering scheduled [ML] maintenance tasks", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][generic][T#3]","log.logger":"org.elasticsearch.xpack.ml.MlDailyMaintenanceService","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-23T01:38:00.001Z", "log.level": "INFO", "message":"Deleting expired data", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#2]","log.logger":"org.elasticsearch.xpack.ml.action.TransportDeleteExpiredDataAction","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-23T01:38:00.003Z", "log.level": "INFO", "message":"No writable indices found for unused stats documents", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#1]","log.logger":"org.elasticsearch.xpack.ml.job.retention.UnusedStatsRemover","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-23T01:38:00.004Z", "log.level": "INFO", "message":"Completed deletion of expired ML data", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#1]","log.logger":"org.elasticsearch.xpack.ml.action.TransportDeleteExpiredDataAction","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-23T01:38:00.004Z", "log.level": "INFO", "message":"Successfully completed [ML] maintenance task: triggerDeleteExpiredDataTask", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#1]","log.logger":"org.elasticsearch.xpack.ml.MlDailyMaintenanceService","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-24T01:30:00.000Z", "log.level": "INFO", "message":"starting SLM retention snapshot cleanup task", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][trigger_engine_scheduler][T#1]","log.logger":"org.elasticsearch.xpack.slm.SnapshotRetentionTask","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-24T01:30:00.001Z", "log.level": "INFO", "message":"there are no repositories to fetch, SLM retention snapshot cleanup task complete", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][trigger_engine_scheduler][T#1]","log.logger":"org.elasticsearch.xpack.slm.SnapshotRetentionTask","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-24T01:38:00.001Z", "log.level": "INFO", "message":"triggering scheduled [ML] maintenance tasks", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][generic][T#3]","log.logger":"org.elasticsearch.xpack.ml.MlDailyMaintenanceService","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-24T01:38:00.002Z", "log.level": "INFO", "message":"Deleting expired data", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#2]","log.logger":"org.elasticsearch.xpack.ml.action.TransportDeleteExpiredDataAction","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-24T01:38:00.003Z", "log.level": "INFO", "message":"No writable indices found for unused stats documents", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#1]","log.logger":"org.elasticsearch.xpack.ml.job.retention.UnusedStatsRemover","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-24T01:38:00.004Z", "log.level": "INFO", "message":"Completed deletion of expired ML data", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#1]","log.logger":"org.elasticsearch.xpack.ml.action.TransportDeleteExpiredDataAction","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-24T01:38:00.004Z", "log.level": "INFO", "message":"Successfully completed [ML] maintenance task: triggerDeleteExpiredDataTask", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#1]","log.logger":"org.elasticsearch.xpack.ml.MlDailyMaintenanceService","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-24T11:16:09.081Z", "log.level": "WARN", "message":"http channel [Netty4HttpChannel{localAddress=/10.233.94.93:9200, remoteAddress=/192.168.1.214:28635}] closed before starting to handle [null][GET][/bad-request]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][transport_worker][T#3]","log.logger":"org.elasticsearch.http.AbstractHttpServerTransport","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-25T01:30:00.000Z", "log.level": "INFO", "message":"starting SLM retention snapshot cleanup task", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][trigger_engine_scheduler][T#1]","log.logger":"org.elasticsearch.xpack.slm.SnapshotRetentionTask","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-25T01:30:00.000Z", "log.level": "INFO", "message":"there are no repositories to fetch, SLM retention snapshot cleanup task complete", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][trigger_engine_scheduler][T#1]","log.logger":"org.elasticsearch.xpack.slm.SnapshotRetentionTask","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-25T01:38:00.000Z", "log.level": "INFO", "message":"triggering scheduled [ML] maintenance tasks", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][generic][T#1]","log.logger":"org.elasticsearch.xpack.ml.MlDailyMaintenanceService","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-25T01:38:00.001Z", "log.level": "INFO", "message":"Deleting expired data", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#2]","log.logger":"org.elasticsearch.xpack.ml.action.TransportDeleteExpiredDataAction","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-25T01:38:00.002Z", "log.level": "INFO", "message":"No writable indices found for unused stats documents", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#1]","log.logger":"org.elasticsearch.xpack.ml.job.retention.UnusedStatsRemover","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-25T01:38:00.003Z", "log.level": "INFO", "message":"Completed deletion of expired ML data", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#1]","log.logger":"org.elasticsearch.xpack.ml.action.TransportDeleteExpiredDataAction","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-25T01:38:00.003Z", "log.level": "INFO", "message":"Successfully completed [ML] maintenance task: triggerDeleteExpiredDataTask", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#1]","log.logger":"org.elasticsearch.xpack.ml.MlDailyMaintenanceService","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-26T01:30:00.000Z", "log.level": "INFO", "message":"starting SLM retention snapshot cleanup task", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][trigger_engine_scheduler][T#1]","log.logger":"org.elasticsearch.xpack.slm.SnapshotRetentionTask","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-26T01:30:00.000Z", "log.level": "INFO", "message":"there are no repositories to fetch, SLM retention snapshot cleanup task complete", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][trigger_engine_scheduler][T#1]","log.logger":"org.elasticsearch.xpack.slm.SnapshotRetentionTask","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-26T01:38:00.000Z", "log.level": "INFO", "message":"triggering scheduled [ML] maintenance tasks", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][generic][T#4]","log.logger":"org.elasticsearch.xpack.ml.MlDailyMaintenanceService","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-26T01:38:00.001Z", "log.level": "INFO", "message":"Deleting expired data", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#2]","log.logger":"org.elasticsearch.xpack.ml.action.TransportDeleteExpiredDataAction","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-26T01:38:00.003Z", "log.level": "INFO", "message":"No writable indices found for unused stats documents", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#1]","log.logger":"org.elasticsearch.xpack.ml.job.retention.UnusedStatsRemover","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-26T01:38:00.003Z", "log.level": "INFO", "message":"Completed deletion of expired ML data", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#1]","log.logger":"org.elasticsearch.xpack.ml.action.TransportDeleteExpiredDataAction","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-26T01:38:00.003Z", "log.level": "INFO", "message":"Successfully completed [ML] maintenance task: triggerDeleteExpiredDataTask", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#1]","log.logger":"org.elasticsearch.xpack.ml.MlDailyMaintenanceService","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-27T01:30:00.001Z", "log.level": "INFO", "message":"starting SLM retention snapshot cleanup task", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][trigger_engine_scheduler][T#1]","log.logger":"org.elasticsearch.xpack.slm.SnapshotRetentionTask","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-27T01:30:00.001Z", "log.level": "INFO", "message":"there are no repositories to fetch, SLM retention snapshot cleanup task complete", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][trigger_engine_scheduler][T#1]","log.logger":"org.elasticsearch.xpack.slm.SnapshotRetentionTask","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-27T01:38:00.000Z", "log.level": "INFO", "message":"triggering scheduled [ML] maintenance tasks", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][generic][T#2]","log.logger":"org.elasticsearch.xpack.ml.MlDailyMaintenanceService","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-27T01:38:00.001Z", "log.level": "INFO", "message":"Deleting expired data", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#1]","log.logger":"org.elasticsearch.xpack.ml.action.TransportDeleteExpiredDataAction","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-27T01:38:00.003Z", "log.level": "INFO", "message":"No writable indices found for unused stats documents", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#2]","log.logger":"org.elasticsearch.xpack.ml.job.retention.UnusedStatsRemover","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-27T01:38:00.003Z", "log.level": "INFO", "message":"Completed deletion of expired ML data", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#2]","log.logger":"org.elasticsearch.xpack.ml.action.TransportDeleteExpiredDataAction","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-27T01:38:00.003Z", "log.level": "INFO", "message":"Successfully completed [ML] maintenance task: triggerDeleteExpiredDataTask", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#2]","log.logger":"org.elasticsearch.xpack.ml.MlDailyMaintenanceService","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-28T01:30:00.000Z", "log.level": "INFO", "message":"starting SLM retention snapshot cleanup task", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][trigger_engine_scheduler][T#1]","log.logger":"org.elasticsearch.xpack.slm.SnapshotRetentionTask","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-28T01:30:00.001Z", "log.level": "INFO", "message":"there are no repositories to fetch, SLM retention snapshot cleanup task complete", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][trigger_engine_scheduler][T#1]","log.logger":"org.elasticsearch.xpack.slm.SnapshotRetentionTask","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-28T01:38:00.001Z", "log.level": "INFO", "message":"triggering scheduled [ML] maintenance tasks", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][generic][T#4]","log.logger":"org.elasticsearch.xpack.ml.MlDailyMaintenanceService","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-28T01:38:00.002Z", "log.level": "INFO", "message":"Deleting expired data", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#2]","log.logger":"org.elasticsearch.xpack.ml.action.TransportDeleteExpiredDataAction","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-28T01:38:00.003Z", "log.level": "INFO", "message":"No writable indices found for unused stats documents", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#1]","log.logger":"org.elasticsearch.xpack.ml.job.retention.UnusedStatsRemover","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-28T01:38:00.003Z", "log.level": "INFO", "message":"Completed deletion of expired ML data", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#1]","log.logger":"org.elasticsearch.xpack.ml.action.TransportDeleteExpiredDataAction","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-28T01:38:00.003Z", "log.level": "INFO", "message":"Successfully completed [ML] maintenance task: triggerDeleteExpiredDataTask", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#1]","log.logger":"org.elasticsearch.xpack.ml.MlDailyMaintenanceService","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-29T01:30:00.000Z", "log.level": "INFO", "message":"starting SLM retention snapshot cleanup task", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][trigger_engine_scheduler][T#1]","log.logger":"org.elasticsearch.xpack.slm.SnapshotRetentionTask","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-29T01:30:00.000Z", "log.level": "INFO", "message":"there are no repositories to fetch, SLM retention snapshot cleanup task complete", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][trigger_engine_scheduler][T#1]","log.logger":"org.elasticsearch.xpack.slm.SnapshotRetentionTask","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-29T01:38:00.000Z", "log.level": "INFO", "message":"triggering scheduled [ML] maintenance tasks", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][generic][T#2]","log.logger":"org.elasticsearch.xpack.ml.MlDailyMaintenanceService","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-29T01:38:00.001Z", "log.level": "INFO", "message":"Deleting expired data", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#2]","log.logger":"org.elasticsearch.xpack.ml.action.TransportDeleteExpiredDataAction","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-29T01:38:00.002Z", "log.level": "INFO", "message":"No writable indices found for unused stats documents", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#1]","log.logger":"org.elasticsearch.xpack.ml.job.retention.UnusedStatsRemover","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-29T01:38:00.002Z", "log.level": "INFO", "message":"Completed deletion of expired ML data", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#1]","log.logger":"org.elasticsearch.xpack.ml.action.TransportDeleteExpiredDataAction","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-29T01:38:00.002Z", "log.level": "INFO", "message":"Successfully completed [ML] maintenance task: triggerDeleteExpiredDataTask", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#1]","log.logger":"org.elasticsearch.xpack.ml.MlDailyMaintenanceService","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-30T01:30:00.000Z", "log.level": "INFO", "message":"starting SLM retention snapshot cleanup task", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][trigger_engine_scheduler][T#1]","log.logger":"org.elasticsearch.xpack.slm.SnapshotRetentionTask","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-30T01:30:00.000Z", "log.level": "INFO", "message":"there are no repositories to fetch, SLM retention snapshot cleanup task complete", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][trigger_engine_scheduler][T#1]","log.logger":"org.elasticsearch.xpack.slm.SnapshotRetentionTask","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-30T01:38:00.000Z", "log.level": "INFO", "message":"triggering scheduled [ML] maintenance tasks", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][generic][T#2]","log.logger":"org.elasticsearch.xpack.ml.MlDailyMaintenanceService","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-30T01:38:00.001Z", "log.level": "INFO", "message":"Deleting expired data", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#2]","log.logger":"org.elasticsearch.xpack.ml.action.TransportDeleteExpiredDataAction","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-30T01:38:00.002Z", "log.level": "INFO", "message":"No writable indices found for unused stats documents", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#1]","log.logger":"org.elasticsearch.xpack.ml.job.retention.UnusedStatsRemover","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-30T01:38:00.002Z", "log.level": "INFO", "message":"Completed deletion of expired ML data", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#1]","log.logger":"org.elasticsearch.xpack.ml.action.TransportDeleteExpiredDataAction","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-30T01:38:00.003Z", "log.level": "INFO", "message":"Successfully completed [ML] maintenance task: triggerDeleteExpiredDataTask", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#1]","log.logger":"org.elasticsearch.xpack.ml.MlDailyMaintenanceService","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-31T01:30:00.000Z", "log.level": "INFO", "message":"starting SLM retention snapshot cleanup task", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][trigger_engine_scheduler][T#1]","log.logger":"org.elasticsearch.xpack.slm.SnapshotRetentionTask","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-31T01:30:00.001Z", "log.level": "INFO", "message":"there are no repositories to fetch, SLM retention snapshot cleanup task complete", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][trigger_engine_scheduler][T#1]","log.logger":"org.elasticsearch.xpack.slm.SnapshotRetentionTask","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-31T01:38:00.000Z", "log.level": "INFO", "message":"triggering scheduled [ML] maintenance tasks", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][generic][T#3]","log.logger":"org.elasticsearch.xpack.ml.MlDailyMaintenanceService","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-31T01:38:00.001Z", "log.level": "INFO", "message":"Deleting expired data", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#1]","log.logger":"org.elasticsearch.xpack.ml.action.TransportDeleteExpiredDataAction","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-31T01:38:00.002Z", "log.level": "INFO", "message":"No writable indices found for unused stats documents", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#2]","log.logger":"org.elasticsearch.xpack.ml.job.retention.UnusedStatsRemover","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-31T01:38:00.003Z", "log.level": "INFO", "message":"Completed deletion of expired ML data", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#2]","log.logger":"org.elasticsearch.xpack.ml.action.TransportDeleteExpiredDataAction","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-03-31T01:38:00.003Z", "log.level": "INFO", "message":"Successfully completed [ML] maintenance task: triggerDeleteExpiredDataTask", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#2]","log.logger":"org.elasticsearch.xpack.ml.MlDailyMaintenanceService","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-01T01:30:00.000Z", "log.level": "INFO", "message":"starting SLM retention snapshot cleanup task", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][trigger_engine_scheduler][T#1]","log.logger":"org.elasticsearch.xpack.slm.SnapshotRetentionTask","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-01T01:30:00.001Z", "log.level": "INFO", "message":"there are no repositories to fetch, SLM retention snapshot cleanup task complete", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][trigger_engine_scheduler][T#1]","log.logger":"org.elasticsearch.xpack.slm.SnapshotRetentionTask","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-01T01:38:00.000Z", "log.level": "INFO", "message":"triggering scheduled [ML] maintenance tasks", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][generic][T#2]","log.logger":"org.elasticsearch.xpack.ml.MlDailyMaintenanceService","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-01T01:38:00.001Z", "log.level": "INFO", "message":"Deleting expired data", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#1]","log.logger":"org.elasticsearch.xpack.ml.action.TransportDeleteExpiredDataAction","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-01T01:38:00.003Z", "log.level": "INFO", "message":"No writable indices found for unused stats documents", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#2]","log.logger":"org.elasticsearch.xpack.ml.job.retention.UnusedStatsRemover","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-01T01:38:00.003Z", "log.level": "INFO", "message":"Completed deletion of expired ML data", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#2]","log.logger":"org.elasticsearch.xpack.ml.action.TransportDeleteExpiredDataAction","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-01T01:38:00.003Z", "log.level": "INFO", "message":"Successfully completed [ML] maintenance task: triggerDeleteExpiredDataTask", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#2]","log.logger":"org.elasticsearch.xpack.ml.MlDailyMaintenanceService","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-02T01:30:00.000Z", "log.level": "INFO", "message":"starting SLM retention snapshot cleanup task", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][trigger_engine_scheduler][T#1]","log.logger":"org.elasticsearch.xpack.slm.SnapshotRetentionTask","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-02T01:30:00.000Z", "log.level": "INFO", "message":"there are no repositories to fetch, SLM retention snapshot cleanup task complete", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][trigger_engine_scheduler][T#1]","log.logger":"org.elasticsearch.xpack.slm.SnapshotRetentionTask","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-02T01:38:00.000Z", "log.level": "INFO", "message":"triggering scheduled [ML] maintenance tasks", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][generic][T#1]","log.logger":"org.elasticsearch.xpack.ml.MlDailyMaintenanceService","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-02T01:38:00.002Z", "log.level": "INFO", "message":"Deleting expired data", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#2]","log.logger":"org.elasticsearch.xpack.ml.action.TransportDeleteExpiredDataAction","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-02T01:38:00.003Z", "log.level": "INFO", "message":"No writable indices found for unused stats documents", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#1]","log.logger":"org.elasticsearch.xpack.ml.job.retention.UnusedStatsRemover","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-02T01:38:00.003Z", "log.level": "INFO", "message":"Completed deletion of expired ML data", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#1]","log.logger":"org.elasticsearch.xpack.ml.action.TransportDeleteExpiredDataAction","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-02T01:38:00.003Z", "log.level": "INFO", "message":"Successfully completed [ML] maintenance task: triggerDeleteExpiredDataTask", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#1]","log.logger":"org.elasticsearch.xpack.ml.MlDailyMaintenanceService","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-02T10:47:33.318Z", "log.level": "INFO", "message":"[.ds-ilm-history-7-2025.12.03-000003/Xgjkz2Y2RwCfP6TTCCEZGg] deleting index", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][masterService#updateTask][T#4657]","log.logger":"org.elasticsearch.cluster.metadata.MetadataDeleteIndexService","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-02T10:47:33.828Z", "log.level": "INFO", "message":"Data stream lifecycle successfully deleted index [.ds-ilm-history-7-2025.12.03-000003] due to the lapsed [90d] retention period", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][clusterApplierService#updateTask][T#1]","log.logger":"org.elasticsearch.datastreams.lifecycle.DataStreamLifecycleService","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-03T01:30:00.000Z", "log.level": "INFO", "message":"starting SLM retention snapshot cleanup task", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][trigger_engine_scheduler][T#1]","log.logger":"org.elasticsearch.xpack.slm.SnapshotRetentionTask","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-03T01:30:00.000Z", "log.level": "INFO", "message":"there are no repositories to fetch, SLM retention snapshot cleanup task complete", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][trigger_engine_scheduler][T#1]","log.logger":"org.elasticsearch.xpack.slm.SnapshotRetentionTask","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-03T01:38:00.000Z", "log.level": "INFO", "message":"triggering scheduled [ML] maintenance tasks", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][generic][T#1]","log.logger":"org.elasticsearch.xpack.ml.MlDailyMaintenanceService","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-03T01:38:00.001Z", "log.level": "INFO", "message":"Deleting expired data", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#1]","log.logger":"org.elasticsearch.xpack.ml.action.TransportDeleteExpiredDataAction","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-03T01:38:00.002Z", "log.level": "INFO", "message":"No writable indices found for unused stats documents", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#2]","log.logger":"org.elasticsearch.xpack.ml.job.retention.UnusedStatsRemover","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-03T01:38:00.002Z", "log.level": "INFO", "message":"Completed deletion of expired ML data", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#2]","log.logger":"org.elasticsearch.xpack.ml.action.TransportDeleteExpiredDataAction","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-03T01:38:00.002Z", "log.level": "INFO", "message":"Successfully completed [ML] maintenance task: triggerDeleteExpiredDataTask", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#2]","log.logger":"org.elasticsearch.xpack.ml.MlDailyMaintenanceService","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-04T01:30:00.001Z", "log.level": "INFO", "message":"starting SLM retention snapshot cleanup task", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][trigger_engine_scheduler][T#1]","log.logger":"org.elasticsearch.xpack.slm.SnapshotRetentionTask","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-04T01:30:00.002Z", "log.level": "INFO", "message":"there are no repositories to fetch, SLM retention snapshot cleanup task complete", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][trigger_engine_scheduler][T#1]","log.logger":"org.elasticsearch.xpack.slm.SnapshotRetentionTask","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-04T01:38:00.000Z", "log.level": "INFO", "message":"triggering scheduled [ML] maintenance tasks", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][generic][T#4]","log.logger":"org.elasticsearch.xpack.ml.MlDailyMaintenanceService","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-04T01:38:00.001Z", "log.level": "INFO", "message":"Deleting expired data", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#1]","log.logger":"org.elasticsearch.xpack.ml.action.TransportDeleteExpiredDataAction","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-04T01:38:00.003Z", "log.level": "INFO", "message":"No writable indices found for unused stats documents", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#2]","log.logger":"org.elasticsearch.xpack.ml.job.retention.UnusedStatsRemover","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-04T01:38:00.003Z", "log.level": "INFO", "message":"Completed deletion of expired ML data", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#2]","log.logger":"org.elasticsearch.xpack.ml.action.TransportDeleteExpiredDataAction","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-04T01:38:00.003Z", "log.level": "INFO", "message":"Successfully completed [ML] maintenance task: triggerDeleteExpiredDataTask", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#2]","log.logger":"org.elasticsearch.xpack.ml.MlDailyMaintenanceService","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-05T01:30:00.000Z", "log.level": "INFO", "message":"starting SLM retention snapshot cleanup task", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][trigger_engine_scheduler][T#1]","log.logger":"org.elasticsearch.xpack.slm.SnapshotRetentionTask","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-05T01:30:00.001Z", "log.level": "INFO", "message":"there are no repositories to fetch, SLM retention snapshot cleanup task complete", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][trigger_engine_scheduler][T#1]","log.logger":"org.elasticsearch.xpack.slm.SnapshotRetentionTask","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-05T01:38:00.000Z", "log.level": "INFO", "message":"triggering scheduled [ML] maintenance tasks", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][generic][T#3]","log.logger":"org.elasticsearch.xpack.ml.MlDailyMaintenanceService","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-05T01:38:00.001Z", "log.level": "INFO", "message":"Deleting expired data", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#1]","log.logger":"org.elasticsearch.xpack.ml.action.TransportDeleteExpiredDataAction","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-05T01:38:00.003Z", "log.level": "INFO", "message":"No writable indices found for unused stats documents", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#2]","log.logger":"org.elasticsearch.xpack.ml.job.retention.UnusedStatsRemover","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-05T01:38:00.003Z", "log.level": "INFO", "message":"Completed deletion of expired ML data", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#2]","log.logger":"org.elasticsearch.xpack.ml.action.TransportDeleteExpiredDataAction","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-05T01:38:00.003Z", "log.level": "INFO", "message":"Successfully completed [ML] maintenance task: triggerDeleteExpiredDataTask", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#2]","log.logger":"org.elasticsearch.xpack.ml.MlDailyMaintenanceService","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-06T01:30:00.000Z", "log.level": "INFO", "message":"starting SLM retention snapshot cleanup task", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][trigger_engine_scheduler][T#1]","log.logger":"org.elasticsearch.xpack.slm.SnapshotRetentionTask","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-06T01:30:00.001Z", "log.level": "INFO", "message":"there are no repositories to fetch, SLM retention snapshot cleanup task complete", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][trigger_engine_scheduler][T#1]","log.logger":"org.elasticsearch.xpack.slm.SnapshotRetentionTask","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-06T01:38:00.001Z", "log.level": "INFO", "message":"triggering scheduled [ML] maintenance tasks", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][generic][T#1]","log.logger":"org.elasticsearch.xpack.ml.MlDailyMaintenanceService","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-06T01:38:00.002Z", "log.level": "INFO", "message":"Deleting expired data", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#1]","log.logger":"org.elasticsearch.xpack.ml.action.TransportDeleteExpiredDataAction","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-06T01:38:00.003Z", "log.level": "INFO", "message":"No writable indices found for unused stats documents", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#2]","log.logger":"org.elasticsearch.xpack.ml.job.retention.UnusedStatsRemover","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-06T01:38:00.003Z", "log.level": "INFO", "message":"Completed deletion of expired ML data", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#2]","log.logger":"org.elasticsearch.xpack.ml.action.TransportDeleteExpiredDataAction","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-06T01:38:00.003Z", "log.level": "INFO", "message":"Successfully completed [ML] maintenance task: triggerDeleteExpiredDataTask", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#2]","log.logger":"org.elasticsearch.xpack.ml.MlDailyMaintenanceService","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-07T01:30:00.000Z", "log.level": "INFO", "message":"starting SLM retention snapshot cleanup task", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][trigger_engine_scheduler][T#1]","log.logger":"org.elasticsearch.xpack.slm.SnapshotRetentionTask","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-07T01:30:00.001Z", "log.level": "INFO", "message":"there are no repositories to fetch, SLM retention snapshot cleanup task complete", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][trigger_engine_scheduler][T#1]","log.logger":"org.elasticsearch.xpack.slm.SnapshotRetentionTask","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-07T01:38:00.000Z", "log.level": "INFO", "message":"triggering scheduled [ML] maintenance tasks", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][generic][T#2]","log.logger":"org.elasticsearch.xpack.ml.MlDailyMaintenanceService","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-07T01:38:00.001Z", "log.level": "INFO", "message":"Deleting expired data", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#1]","log.logger":"org.elasticsearch.xpack.ml.action.TransportDeleteExpiredDataAction","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-07T01:38:00.002Z", "log.level": "INFO", "message":"No writable indices found for unused stats documents", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#2]","log.logger":"org.elasticsearch.xpack.ml.job.retention.UnusedStatsRemover","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-07T01:38:00.003Z", "log.level": "INFO", "message":"Completed deletion of expired ML data", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#2]","log.logger":"org.elasticsearch.xpack.ml.action.TransportDeleteExpiredDataAction","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-07T01:38:00.003Z", "log.level": "INFO", "message":"Successfully completed [ML] maintenance task: triggerDeleteExpiredDataTask", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#2]","log.logger":"org.elasticsearch.xpack.ml.MlDailyMaintenanceService","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-08T01:30:00.001Z", "log.level": "INFO", "message":"starting SLM retention snapshot cleanup task", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][trigger_engine_scheduler][T#1]","log.logger":"org.elasticsearch.xpack.slm.SnapshotRetentionTask","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-08T01:30:00.002Z", "log.level": "INFO", "message":"there are no repositories to fetch, SLM retention snapshot cleanup task complete", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][trigger_engine_scheduler][T#1]","log.logger":"org.elasticsearch.xpack.slm.SnapshotRetentionTask","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-08T01:38:00.000Z", "log.level": "INFO", "message":"triggering scheduled [ML] maintenance tasks", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][generic][T#1]","log.logger":"org.elasticsearch.xpack.ml.MlDailyMaintenanceService","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-08T01:38:00.002Z", "log.level": "INFO", "message":"Deleting expired data", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#2]","log.logger":"org.elasticsearch.xpack.ml.action.TransportDeleteExpiredDataAction","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-08T01:38:00.003Z", "log.level": "INFO", "message":"No writable indices found for unused stats documents", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#1]","log.logger":"org.elasticsearch.xpack.ml.job.retention.UnusedStatsRemover","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-08T01:38:00.004Z", "log.level": "INFO", "message":"Completed deletion of expired ML data", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#1]","log.logger":"org.elasticsearch.xpack.ml.action.TransportDeleteExpiredDataAction","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-08T01:38:00.004Z", "log.level": "INFO", "message":"Successfully completed [ML] maintenance task: triggerDeleteExpiredDataTask", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#1]","log.logger":"org.elasticsearch.xpack.ml.MlDailyMaintenanceService","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-09T01:30:00.000Z", "log.level": "INFO", "message":"starting SLM retention snapshot cleanup task", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][trigger_engine_scheduler][T#1]","log.logger":"org.elasticsearch.xpack.slm.SnapshotRetentionTask","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-09T01:30:00.001Z", "log.level": "INFO", "message":"there are no repositories to fetch, SLM retention snapshot cleanup task complete", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][trigger_engine_scheduler][T#1]","log.logger":"org.elasticsearch.xpack.slm.SnapshotRetentionTask","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-09T01:38:00.000Z", "log.level": "INFO", "message":"triggering scheduled [ML] maintenance tasks", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][generic][T#3]","log.logger":"org.elasticsearch.xpack.ml.MlDailyMaintenanceService","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-09T01:38:00.001Z", "log.level": "INFO", "message":"Deleting expired data", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#1]","log.logger":"org.elasticsearch.xpack.ml.action.TransportDeleteExpiredDataAction","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-09T01:38:00.002Z", "log.level": "INFO", "message":"No writable indices found for unused stats documents", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#2]","log.logger":"org.elasticsearch.xpack.ml.job.retention.UnusedStatsRemover","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-09T01:38:00.003Z", "log.level": "INFO", "message":"Completed deletion of expired ML data", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#2]","log.logger":"org.elasticsearch.xpack.ml.action.TransportDeleteExpiredDataAction","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-09T01:38:00.003Z", "log.level": "INFO", "message":"Successfully completed [ML] maintenance task: triggerDeleteExpiredDataTask", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#2]","log.logger":"org.elasticsearch.xpack.ml.MlDailyMaintenanceService","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-09T10:52:33.058Z", "log.level": "INFO", "message":"[.ds-ilm-history-7-2026.01.02-000004/ILeTWE3dSoaLbA6J98MKjw] deleting index", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][masterService#updateTask][T#6674]","log.logger":"org.elasticsearch.cluster.metadata.MetadataDeleteIndexService","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-09T10:52:33.478Z", "log.level": "INFO", "message":"Data stream lifecycle successfully deleted index [.ds-ilm-history-7-2026.01.02-000004] due to the lapsed [90d] retention period", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][clusterApplierService#updateTask][T#1]","log.logger":"org.elasticsearch.datastreams.lifecycle.DataStreamLifecycleService","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-10T01:30:00.000Z", "log.level": "INFO", "message":"starting SLM retention snapshot cleanup task", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][trigger_engine_scheduler][T#1]","log.logger":"org.elasticsearch.xpack.slm.SnapshotRetentionTask","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-10T01:30:00.001Z", "log.level": "INFO", "message":"there are no repositories to fetch, SLM retention snapshot cleanup task complete", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][trigger_engine_scheduler][T#1]","log.logger":"org.elasticsearch.xpack.slm.SnapshotRetentionTask","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-10T01:38:00.000Z", "log.level": "INFO", "message":"triggering scheduled [ML] maintenance tasks", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][generic][T#2]","log.logger":"org.elasticsearch.xpack.ml.MlDailyMaintenanceService","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-10T01:38:00.002Z", "log.level": "INFO", "message":"Deleting expired data", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#2]","log.logger":"org.elasticsearch.xpack.ml.action.TransportDeleteExpiredDataAction","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-10T01:38:00.004Z", "log.level": "INFO", "message":"No writable indices found for unused stats documents", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#1]","log.logger":"org.elasticsearch.xpack.ml.job.retention.UnusedStatsRemover","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-10T01:38:00.004Z", "log.level": "INFO", "message":"Completed deletion of expired ML data", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#1]","log.logger":"org.elasticsearch.xpack.ml.action.TransportDeleteExpiredDataAction","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-10T01:38:00.004Z", "log.level": "INFO", "message":"Successfully completed [ML] maintenance task: triggerDeleteExpiredDataTask", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#1]","log.logger":"org.elasticsearch.xpack.ml.MlDailyMaintenanceService","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-11T01:30:00.001Z", "log.level": "INFO", "message":"starting SLM retention snapshot cleanup task", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][trigger_engine_scheduler][T#1]","log.logger":"org.elasticsearch.xpack.slm.SnapshotRetentionTask","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-11T01:30:00.002Z", "log.level": "INFO", "message":"there are no repositories to fetch, SLM retention snapshot cleanup task complete", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][trigger_engine_scheduler][T#1]","log.logger":"org.elasticsearch.xpack.slm.SnapshotRetentionTask","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-11T01:38:00.000Z", "log.level": "INFO", "message":"triggering scheduled [ML] maintenance tasks", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][generic][T#4]","log.logger":"org.elasticsearch.xpack.ml.MlDailyMaintenanceService","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-11T01:38:00.001Z", "log.level": "INFO", "message":"Deleting expired data", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#2]","log.logger":"org.elasticsearch.xpack.ml.action.TransportDeleteExpiredDataAction","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-11T01:38:00.003Z", "log.level": "INFO", "message":"No writable indices found for unused stats documents", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#1]","log.logger":"org.elasticsearch.xpack.ml.job.retention.UnusedStatsRemover","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-11T01:38:00.003Z", "log.level": "INFO", "message":"Completed deletion of expired ML data", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#1]","log.logger":"org.elasticsearch.xpack.ml.action.TransportDeleteExpiredDataAction","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-11T01:38:00.003Z", "log.level": "INFO", "message":"Successfully completed [ML] maintenance task: triggerDeleteExpiredDataTask", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#1]","log.logger":"org.elasticsearch.xpack.ml.MlDailyMaintenanceService","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-12T01:30:00.000Z", "log.level": "INFO", "message":"starting SLM retention snapshot cleanup task", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][trigger_engine_scheduler][T#1]","log.logger":"org.elasticsearch.xpack.slm.SnapshotRetentionTask","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-12T01:30:00.002Z", "log.level": "INFO", "message":"there are no repositories to fetch, SLM retention snapshot cleanup task complete", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][trigger_engine_scheduler][T#1]","log.logger":"org.elasticsearch.xpack.slm.SnapshotRetentionTask","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-12T01:38:00.001Z", "log.level": "INFO", "message":"triggering scheduled [ML] maintenance tasks", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][generic][T#1]","log.logger":"org.elasticsearch.xpack.ml.MlDailyMaintenanceService","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-12T01:38:00.002Z", "log.level": "INFO", "message":"Deleting expired data", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#1]","log.logger":"org.elasticsearch.xpack.ml.action.TransportDeleteExpiredDataAction","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-12T01:38:00.004Z", "log.level": "INFO", "message":"No writable indices found for unused stats documents", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#2]","log.logger":"org.elasticsearch.xpack.ml.job.retention.UnusedStatsRemover","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-12T01:38:00.004Z", "log.level": "INFO", "message":"Completed deletion of expired ML data", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#2]","log.logger":"org.elasticsearch.xpack.ml.action.TransportDeleteExpiredDataAction","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-12T01:38:00.004Z", "log.level": "INFO", "message":"Successfully completed [ML] maintenance task: triggerDeleteExpiredDataTask", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#2]","log.logger":"org.elasticsearch.xpack.ml.MlDailyMaintenanceService","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-13T01:30:00.000Z", "log.level": "INFO", "message":"starting SLM retention snapshot cleanup task", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][trigger_engine_scheduler][T#1]","log.logger":"org.elasticsearch.xpack.slm.SnapshotRetentionTask","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-13T01:30:00.002Z", "log.level": "INFO", "message":"there are no repositories to fetch, SLM retention snapshot cleanup task complete", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][trigger_engine_scheduler][T#1]","log.logger":"org.elasticsearch.xpack.slm.SnapshotRetentionTask","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-13T01:38:00.000Z", "log.level": "INFO", "message":"triggering scheduled [ML] maintenance tasks", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][generic][T#2]","log.logger":"org.elasticsearch.xpack.ml.MlDailyMaintenanceService","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-13T01:38:00.002Z", "log.level": "INFO", "message":"Deleting expired data", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#2]","log.logger":"org.elasticsearch.xpack.ml.action.TransportDeleteExpiredDataAction","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-13T01:38:00.003Z", "log.level": "INFO", "message":"No writable indices found for unused stats documents", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#1]","log.logger":"org.elasticsearch.xpack.ml.job.retention.UnusedStatsRemover","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-13T01:38:00.003Z", "log.level": "INFO", "message":"Completed deletion of expired ML data", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#1]","log.logger":"org.elasticsearch.xpack.ml.action.TransportDeleteExpiredDataAction","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-13T01:38:00.003Z", "log.level": "INFO", "message":"Successfully completed [ML] maintenance task: triggerDeleteExpiredDataTask", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#1]","log.logger":"org.elasticsearch.xpack.ml.MlDailyMaintenanceService","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-14T01:30:00.000Z", "log.level": "INFO", "message":"starting SLM retention snapshot cleanup task", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][trigger_engine_scheduler][T#1]","log.logger":"org.elasticsearch.xpack.slm.SnapshotRetentionTask","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-14T01:30:00.001Z", "log.level": "INFO", "message":"there are no repositories to fetch, SLM retention snapshot cleanup task complete", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][trigger_engine_scheduler][T#1]","log.logger":"org.elasticsearch.xpack.slm.SnapshotRetentionTask","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-14T01:38:00.000Z", "log.level": "INFO", "message":"triggering scheduled [ML] maintenance tasks", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][generic][T#2]","log.logger":"org.elasticsearch.xpack.ml.MlDailyMaintenanceService","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-14T01:38:00.001Z", "log.level": "INFO", "message":"Deleting expired data", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#2]","log.logger":"org.elasticsearch.xpack.ml.action.TransportDeleteExpiredDataAction","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-14T01:38:00.002Z", "log.level": "INFO", "message":"No writable indices found for unused stats documents", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#1]","log.logger":"org.elasticsearch.xpack.ml.job.retention.UnusedStatsRemover","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-14T01:38:00.003Z", "log.level": "INFO", "message":"Completed deletion of expired ML data", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#1]","log.logger":"org.elasticsearch.xpack.ml.action.TransportDeleteExpiredDataAction","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-14T01:38:00.003Z", "log.level": "INFO", "message":"Successfully completed [ML] maintenance task: triggerDeleteExpiredDataTask", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#1]","log.logger":"org.elasticsearch.xpack.ml.MlDailyMaintenanceService","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-15T01:30:00.001Z", "log.level": "INFO", "message":"starting SLM retention snapshot cleanup task", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][trigger_engine_scheduler][T#1]","log.logger":"org.elasticsearch.xpack.slm.SnapshotRetentionTask","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-15T01:30:00.002Z", "log.level": "INFO", "message":"there are no repositories to fetch, SLM retention snapshot cleanup task complete", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][trigger_engine_scheduler][T#1]","log.logger":"org.elasticsearch.xpack.slm.SnapshotRetentionTask","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-15T01:38:00.001Z", "log.level": "INFO", "message":"triggering scheduled [ML] maintenance tasks", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][generic][T#3]","log.logger":"org.elasticsearch.xpack.ml.MlDailyMaintenanceService","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-15T01:38:00.002Z", "log.level": "INFO", "message":"Deleting expired data", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#1]","log.logger":"org.elasticsearch.xpack.ml.action.TransportDeleteExpiredDataAction","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-15T01:38:00.003Z", "log.level": "INFO", "message":"No writable indices found for unused stats documents", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#2]","log.logger":"org.elasticsearch.xpack.ml.job.retention.UnusedStatsRemover","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-15T01:38:00.004Z", "log.level": "INFO", "message":"Completed deletion of expired ML data", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#2]","log.logger":"org.elasticsearch.xpack.ml.action.TransportDeleteExpiredDataAction","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-15T01:38:00.004Z", "log.level": "INFO", "message":"Successfully completed [ML] maintenance task: triggerDeleteExpiredDataTask", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#2]","log.logger":"org.elasticsearch.xpack.ml.MlDailyMaintenanceService","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-16T01:30:00.000Z", "log.level": "INFO", "message":"starting SLM retention snapshot cleanup task", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][trigger_engine_scheduler][T#1]","log.logger":"org.elasticsearch.xpack.slm.SnapshotRetentionTask","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-16T01:30:00.002Z", "log.level": "INFO", "message":"there are no repositories to fetch, SLM retention snapshot cleanup task complete", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][trigger_engine_scheduler][T#1]","log.logger":"org.elasticsearch.xpack.slm.SnapshotRetentionTask","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-16T01:38:00.000Z", "log.level": "INFO", "message":"triggering scheduled [ML] maintenance tasks", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][generic][T#3]","log.logger":"org.elasticsearch.xpack.ml.MlDailyMaintenanceService","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-16T01:38:00.001Z", "log.level": "INFO", "message":"Deleting expired data", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#2]","log.logger":"org.elasticsearch.xpack.ml.action.TransportDeleteExpiredDataAction","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-16T01:38:00.003Z", "log.level": "INFO", "message":"No writable indices found for unused stats documents", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#1]","log.logger":"org.elasticsearch.xpack.ml.job.retention.UnusedStatsRemover","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-16T01:38:00.003Z", "log.level": "INFO", "message":"Completed deletion of expired ML data", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#1]","log.logger":"org.elasticsearch.xpack.ml.action.TransportDeleteExpiredDataAction","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-16T01:38:00.003Z", "log.level": "INFO", "message":"Successfully completed [ML] maintenance task: triggerDeleteExpiredDataTask", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#1]","log.logger":"org.elasticsearch.xpack.ml.MlDailyMaintenanceService","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-17T01:30:00.000Z", "log.level": "INFO", "message":"starting SLM retention snapshot cleanup task", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][trigger_engine_scheduler][T#1]","log.logger":"org.elasticsearch.xpack.slm.SnapshotRetentionTask","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-17T01:30:00.001Z", "log.level": "INFO", "message":"there are no repositories to fetch, SLM retention snapshot cleanup task complete", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][trigger_engine_scheduler][T#1]","log.logger":"org.elasticsearch.xpack.slm.SnapshotRetentionTask","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-17T01:38:00.000Z", "log.level": "INFO", "message":"triggering scheduled [ML] maintenance tasks", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][generic][T#3]","log.logger":"org.elasticsearch.xpack.ml.MlDailyMaintenanceService","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-17T01:38:00.002Z", "log.level": "INFO", "message":"Deleting expired data", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#2]","log.logger":"org.elasticsearch.xpack.ml.action.TransportDeleteExpiredDataAction","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-17T01:38:00.003Z", "log.level": "INFO", "message":"No writable indices found for unused stats documents", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#1]","log.logger":"org.elasticsearch.xpack.ml.job.retention.UnusedStatsRemover","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-17T01:38:00.003Z", "log.level": "INFO", "message":"Completed deletion of expired ML data", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#1]","log.logger":"org.elasticsearch.xpack.ml.action.TransportDeleteExpiredDataAction","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-17T01:38:00.003Z", "log.level": "INFO", "message":"Successfully completed [ML] maintenance task: triggerDeleteExpiredDataTask", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#1]","log.logger":"org.elasticsearch.xpack.ml.MlDailyMaintenanceService","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-18T01:30:00.000Z", "log.level": "INFO", "message":"starting SLM retention snapshot cleanup task", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][trigger_engine_scheduler][T#1]","log.logger":"org.elasticsearch.xpack.slm.SnapshotRetentionTask","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-18T01:30:00.001Z", "log.level": "INFO", "message":"there are no repositories to fetch, SLM retention snapshot cleanup task complete", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][trigger_engine_scheduler][T#1]","log.logger":"org.elasticsearch.xpack.slm.SnapshotRetentionTask","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-18T01:38:00.000Z", "log.level": "INFO", "message":"triggering scheduled [ML] maintenance tasks", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][generic][T#1]","log.logger":"org.elasticsearch.xpack.ml.MlDailyMaintenanceService","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-18T01:38:00.001Z", "log.level": "INFO", "message":"Deleting expired data", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#2]","log.logger":"org.elasticsearch.xpack.ml.action.TransportDeleteExpiredDataAction","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-18T01:38:00.003Z", "log.level": "INFO", "message":"No writable indices found for unused stats documents", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#1]","log.logger":"org.elasticsearch.xpack.ml.job.retention.UnusedStatsRemover","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-18T01:38:00.003Z", "log.level": "INFO", "message":"Completed deletion of expired ML data", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#1]","log.logger":"org.elasticsearch.xpack.ml.action.TransportDeleteExpiredDataAction","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-18T01:38:00.003Z", "log.level": "INFO", "message":"Successfully completed [ML] maintenance task: triggerDeleteExpiredDataTask", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#1]","log.logger":"org.elasticsearch.xpack.ml.MlDailyMaintenanceService","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-19T01:30:00.000Z", "log.level": "INFO", "message":"starting SLM retention snapshot cleanup task", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][trigger_engine_scheduler][T#1]","log.logger":"org.elasticsearch.xpack.slm.SnapshotRetentionTask","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-19T01:30:00.002Z", "log.level": "INFO", "message":"there are no repositories to fetch, SLM retention snapshot cleanup task complete", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][trigger_engine_scheduler][T#1]","log.logger":"org.elasticsearch.xpack.slm.SnapshotRetentionTask","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-19T01:38:00.001Z", "log.level": "INFO", "message":"triggering scheduled [ML] maintenance tasks", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][generic][T#2]","log.logger":"org.elasticsearch.xpack.ml.MlDailyMaintenanceService","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-19T01:38:00.002Z", "log.level": "INFO", "message":"Deleting expired data", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#2]","log.logger":"org.elasticsearch.xpack.ml.action.TransportDeleteExpiredDataAction","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-19T01:38:00.003Z", "log.level": "INFO", "message":"No writable indices found for unused stats documents", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#1]","log.logger":"org.elasticsearch.xpack.ml.job.retention.UnusedStatsRemover","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-19T01:38:00.003Z", "log.level": "INFO", "message":"Completed deletion of expired ML data", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#1]","log.logger":"org.elasticsearch.xpack.ml.action.TransportDeleteExpiredDataAction","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-19T01:38:00.003Z", "log.level": "INFO", "message":"Successfully completed [ML] maintenance task: triggerDeleteExpiredDataTask", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#1]","log.logger":"org.elasticsearch.xpack.ml.MlDailyMaintenanceService","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-19T22:37:46.823Z", "log.level": "WARN", "message":"http channel [Netty4HttpChannel{localAddress=/10.233.94.93:9200, remoteAddress=/192.168.1.214:7453}] closed before starting to handle [null][GET][/bad-request]", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][transport_worker][T#2]","log.logger":"org.elasticsearch.http.AbstractHttpServerTransport","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-20T01:30:00.000Z", "log.level": "INFO", "message":"starting SLM retention snapshot cleanup task", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][trigger_engine_scheduler][T#1]","log.logger":"org.elasticsearch.xpack.slm.SnapshotRetentionTask","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-20T01:30:00.001Z", "log.level": "INFO", "message":"there are no repositories to fetch, SLM retention snapshot cleanup task complete", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][trigger_engine_scheduler][T#1]","log.logger":"org.elasticsearch.xpack.slm.SnapshotRetentionTask","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-20T01:38:00.000Z", "log.level": "INFO", "message":"triggering scheduled [ML] maintenance tasks", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][generic][T#3]","log.logger":"org.elasticsearch.xpack.ml.MlDailyMaintenanceService","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-20T01:38:00.002Z", "log.level": "INFO", "message":"Deleting expired data", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#2]","log.logger":"org.elasticsearch.xpack.ml.action.TransportDeleteExpiredDataAction","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-20T01:38:00.003Z", "log.level": "INFO", "message":"No writable indices found for unused stats documents", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#1]","log.logger":"org.elasticsearch.xpack.ml.job.retention.UnusedStatsRemover","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-20T01:38:00.003Z", "log.level": "INFO", "message":"Completed deletion of expired ML data", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#1]","log.logger":"org.elasticsearch.xpack.ml.action.TransportDeleteExpiredDataAction","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-20T01:38:00.003Z", "log.level": "INFO", "message":"Successfully completed [ML] maintenance task: triggerDeleteExpiredDataTask", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#1]","log.logger":"org.elasticsearch.xpack.ml.MlDailyMaintenanceService","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-21T01:30:00.000Z", "log.level": "INFO", "message":"starting SLM retention snapshot cleanup task", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][trigger_engine_scheduler][T#1]","log.logger":"org.elasticsearch.xpack.slm.SnapshotRetentionTask","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-21T01:30:00.001Z", "log.level": "INFO", "message":"there are no repositories to fetch, SLM retention snapshot cleanup task complete", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][trigger_engine_scheduler][T#1]","log.logger":"org.elasticsearch.xpack.slm.SnapshotRetentionTask","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-21T01:38:00.000Z", "log.level": "INFO", "message":"triggering scheduled [ML] maintenance tasks", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][generic][T#2]","log.logger":"org.elasticsearch.xpack.ml.MlDailyMaintenanceService","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-21T01:38:00.001Z", "log.level": "INFO", "message":"Deleting expired data", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#1]","log.logger":"org.elasticsearch.xpack.ml.action.TransportDeleteExpiredDataAction","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-21T01:38:00.003Z", "log.level": "INFO", "message":"No writable indices found for unused stats documents", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#2]","log.logger":"org.elasticsearch.xpack.ml.job.retention.UnusedStatsRemover","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-21T01:38:00.003Z", "log.level": "INFO", "message":"Completed deletion of expired ML data", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#2]","log.logger":"org.elasticsearch.xpack.ml.action.TransportDeleteExpiredDataAction","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-21T01:38:00.003Z", "log.level": "INFO", "message":"Successfully completed [ML] maintenance task: triggerDeleteExpiredDataTask", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#2]","log.logger":"org.elasticsearch.xpack.ml.MlDailyMaintenanceService","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-22T01:30:00.000Z", "log.level": "INFO", "message":"starting SLM retention snapshot cleanup task", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][trigger_engine_scheduler][T#1]","log.logger":"org.elasticsearch.xpack.slm.SnapshotRetentionTask","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-22T01:30:00.001Z", "log.level": "INFO", "message":"there are no repositories to fetch, SLM retention snapshot cleanup task complete", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][trigger_engine_scheduler][T#1]","log.logger":"org.elasticsearch.xpack.slm.SnapshotRetentionTask","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-22T01:38:00.000Z", "log.level": "INFO", "message":"triggering scheduled [ML] maintenance tasks", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][generic][T#2]","log.logger":"org.elasticsearch.xpack.ml.MlDailyMaintenanceService","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-22T01:38:00.002Z", "log.level": "INFO", "message":"Deleting expired data", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#2]","log.logger":"org.elasticsearch.xpack.ml.action.TransportDeleteExpiredDataAction","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-22T01:38:00.003Z", "log.level": "INFO", "message":"No writable indices found for unused stats documents", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#1]","log.logger":"org.elasticsearch.xpack.ml.job.retention.UnusedStatsRemover","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-22T01:38:00.003Z", "log.level": "INFO", "message":"Completed deletion of expired ML data", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#1]","log.logger":"org.elasticsearch.xpack.ml.action.TransportDeleteExpiredDataAction","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-22T01:38:00.003Z", "log.level": "INFO", "message":"Successfully completed [ML] maintenance task: triggerDeleteExpiredDataTask", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#1]","log.logger":"org.elasticsearch.xpack.ml.MlDailyMaintenanceService","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-23T01:30:00.000Z", "log.level": "INFO", "message":"starting SLM retention snapshot cleanup task", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][trigger_engine_scheduler][T#1]","log.logger":"org.elasticsearch.xpack.slm.SnapshotRetentionTask","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-23T01:30:00.001Z", "log.level": "INFO", "message":"there are no repositories to fetch, SLM retention snapshot cleanup task complete", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][trigger_engine_scheduler][T#1]","log.logger":"org.elasticsearch.xpack.slm.SnapshotRetentionTask","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-23T01:38:00.000Z", "log.level": "INFO", "message":"triggering scheduled [ML] maintenance tasks", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][generic][T#3]","log.logger":"org.elasticsearch.xpack.ml.MlDailyMaintenanceService","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-23T01:38:00.001Z", "log.level": "INFO", "message":"Deleting expired data", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#1]","log.logger":"org.elasticsearch.xpack.ml.action.TransportDeleteExpiredDataAction","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-23T01:38:00.003Z", "log.level": "INFO", "message":"No writable indices found for unused stats documents", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#2]","log.logger":"org.elasticsearch.xpack.ml.job.retention.UnusedStatsRemover","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-23T01:38:00.003Z", "log.level": "INFO", "message":"Completed deletion of expired ML data", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#2]","log.logger":"org.elasticsearch.xpack.ml.action.TransportDeleteExpiredDataAction","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-23T01:38:00.003Z", "log.level": "INFO", "message":"Successfully completed [ML] maintenance task: triggerDeleteExpiredDataTask", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#2]","log.logger":"org.elasticsearch.xpack.ml.MlDailyMaintenanceService","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-24T01:30:00.000Z", "log.level": "INFO", "message":"starting SLM retention snapshot cleanup task", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][trigger_engine_scheduler][T#1]","log.logger":"org.elasticsearch.xpack.slm.SnapshotRetentionTask","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-24T01:30:00.001Z", "log.level": "INFO", "message":"there are no repositories to fetch, SLM retention snapshot cleanup task complete", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][trigger_engine_scheduler][T#1]","log.logger":"org.elasticsearch.xpack.slm.SnapshotRetentionTask","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-24T01:38:00.000Z", "log.level": "INFO", "message":"triggering scheduled [ML] maintenance tasks", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][generic][T#4]","log.logger":"org.elasticsearch.xpack.ml.MlDailyMaintenanceService","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-24T01:38:00.002Z", "log.level": "INFO", "message":"Deleting expired data", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#2]","log.logger":"org.elasticsearch.xpack.ml.action.TransportDeleteExpiredDataAction","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-24T01:38:00.003Z", "log.level": "INFO", "message":"No writable indices found for unused stats documents", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#1]","log.logger":"org.elasticsearch.xpack.ml.job.retention.UnusedStatsRemover","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-24T01:38:00.003Z", "log.level": "INFO", "message":"Completed deletion of expired ML data", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#1]","log.logger":"org.elasticsearch.xpack.ml.action.TransportDeleteExpiredDataAction","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-24T01:38:00.003Z", "log.level": "INFO", "message":"Successfully completed [ML] maintenance task: triggerDeleteExpiredDataTask", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#1]","log.logger":"org.elasticsearch.xpack.ml.MlDailyMaintenanceService","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-25T01:30:00.000Z", "log.level": "INFO", "message":"starting SLM retention snapshot cleanup task", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][trigger_engine_scheduler][T#1]","log.logger":"org.elasticsearch.xpack.slm.SnapshotRetentionTask","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-25T01:30:00.002Z", "log.level": "INFO", "message":"there are no repositories to fetch, SLM retention snapshot cleanup task complete", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][trigger_engine_scheduler][T#1]","log.logger":"org.elasticsearch.xpack.slm.SnapshotRetentionTask","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-25T01:38:00.000Z", "log.level": "INFO", "message":"triggering scheduled [ML] maintenance tasks", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][generic][T#3]","log.logger":"org.elasticsearch.xpack.ml.MlDailyMaintenanceService","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-25T01:38:00.001Z", "log.level": "INFO", "message":"Deleting expired data", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#2]","log.logger":"org.elasticsearch.xpack.ml.action.TransportDeleteExpiredDataAction","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-25T01:38:00.002Z", "log.level": "INFO", "message":"No writable indices found for unused stats documents", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#1]","log.logger":"org.elasticsearch.xpack.ml.job.retention.UnusedStatsRemover","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-25T01:38:00.003Z", "log.level": "INFO", "message":"Completed deletion of expired ML data", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#1]","log.logger":"org.elasticsearch.xpack.ml.action.TransportDeleteExpiredDataAction","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-25T01:38:00.003Z", "log.level": "INFO", "message":"Successfully completed [ML] maintenance task: triggerDeleteExpiredDataTask", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#1]","log.logger":"org.elasticsearch.xpack.ml.MlDailyMaintenanceService","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-26T01:30:00.000Z", "log.level": "INFO", "message":"starting SLM retention snapshot cleanup task", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][trigger_engine_scheduler][T#1]","log.logger":"org.elasticsearch.xpack.slm.SnapshotRetentionTask","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-26T01:30:00.001Z", "log.level": "INFO", "message":"there are no repositories to fetch, SLM retention snapshot cleanup task complete", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][trigger_engine_scheduler][T#1]","log.logger":"org.elasticsearch.xpack.slm.SnapshotRetentionTask","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-26T01:38:00.000Z", "log.level": "INFO", "message":"triggering scheduled [ML] maintenance tasks", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][generic][T#2]","log.logger":"org.elasticsearch.xpack.ml.MlDailyMaintenanceService","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-26T01:38:00.001Z", "log.level": "INFO", "message":"Deleting expired data", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#1]","log.logger":"org.elasticsearch.xpack.ml.action.TransportDeleteExpiredDataAction","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-26T01:38:00.003Z", "log.level": "INFO", "message":"No writable indices found for unused stats documents", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#2]","log.logger":"org.elasticsearch.xpack.ml.job.retention.UnusedStatsRemover","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-26T01:38:00.003Z", "log.level": "INFO", "message":"Completed deletion of expired ML data", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#2]","log.logger":"org.elasticsearch.xpack.ml.action.TransportDeleteExpiredDataAction","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}
{"@timestamp":"2026-04-26T01:38:00.003Z", "log.level": "INFO", "message":"Successfully completed [ML] maintenance task: triggerDeleteExpiredDataTask", "ecs.version": "1.2.0","service.name":"ES_ECS","event.dataset":"elasticsearch.server","process.thread.name":"elasticsearch[elasticsearch-v1-0][ml_utility][T#2]","log.logger":"org.elasticsearch.xpack.ml.MlDailyMaintenanceService","elasticsearch.cluster.uuid":"PPrGLteBTnKZLy4mpgzZ5w","elasticsearch.node.id":"4r97erugRcmusrLKQuzJig","elasticsearch.node.name":"elasticsearch-v1-0","elasticsearch.cluster.name":"docker-cluster"}

70068
Resources/test/container-4vztxh.log Normal file
View File

File diff suppressed because it is too large Load Diff

6341
Resources/test/container-aowwci.log Normal file
View File

File diff suppressed because it is too large Load Diff

2042
Resources/test/container-elcxlx.log Normal file
View File

File diff suppressed because it is too large Load Diff

8099
Resources/test/container-qfdpbp.log Normal file
View File

File diff suppressed because it is too large Load Diff

33579
Resources/test/container-wdqxkf.log Normal file
View File

File diff suppressed because it is too large Load Diff

4000
Resources/test/log.txt Normal file
View File

File diff suppressed because it is too large Load Diff