Manage Elasticsearch

After you have installed Elasticsearch, you can manage the service.

On this page:

Start or stop Elasticsearch

You can start or stop Elasticsearch as follows:

sudo systemctl start elasticsearch.service
sudo systemctl stop elasticsearch.service

Elasticsearch recommends using the Log4j 2 configuration that is shipped by default.

To enable logging, see Elasticsearch logging.

When systemd logging is enabled, you can access logging information by using the journalctl commands:

Tail the journal:
```
sudo journalctl -f
```
Journal entries for the Elasticsearch service:
```
sudo journalctl --unit elasticsearch
```
Journal entries for the Elasticsearch service from a specific start time:
```
sudo journalctl --unit elasticsearch --since  "2025-09-01 09:15:00"
```

For more command line options, run the man journalctl or see journalctl.