**Hi all.
ROR Version**: 1.68.0_es8.18.8 
Kibana Version: 8.18.8
Elasticsearch Version: 8.18.3 ROR 1.68.0
Steps to reproduce the issue
ror conf
readonlyrest:
prompt_for_basic_auth: false
response_if_req_forbidden: Wrong password or try clearing your browser cache
audit:
enabled: true
outputs:
- type: index
cluster: ["http://1.1.1.1:9100" , "http://2.2.2.2:9100", "http://3.3.3.3:9100" ]
index_template: "'remote-readonlyrest'-yyyy-MM-dd"
serializer: tech.beshu.ror.requestcontext.QueryAuditLogSerializer
- type: index # local cluster index
index_template: "'.readonlyrest-audit'-yyyy-MM-dd"
serializer: tech.beshu.ror.requestcontext.QueryAuditLogSerializer
The remote cluster has become unavailable.**
Expected result:**
Logs are dropped, but the cluster with ROR continues to work.
Actual Result:
The cluster with ROR stops accepting requests, error:
{"error":{"root_cause":[{"type":"circuit_breaking_exception","reason":"[parent] Data too large, data for [cluster:monitor/allocation/stats] would be [8054125476/7.5gb], which is larger than the limit of [8053063680/7.5gb], real usage: [8054125392/7.5gb], new bytes reserved: [84/84b], usages [inflight_requests=84/84b, model_inference=0/0b, eql_sequence=0/0b, fielddata=1046/1kb, request=0/0b]","bytes_wanted":8054125476,"bytes_limit":8053063680,"durability":"PERMANENT"}],"type":"circuit_breaking_exception","reason":"[parent] Data too large, data for [cluster:monitor/allocation/stats] would be [8054125476/7.5gb], which is larger than the limit of [8053063680/7.5gb], real usage: [8054125392/7.5gb], new bytes reserved: [84/84b], usages [inflight_requests=84/84b, model_inference=0/0b, eql_sequence=0/0b, fielddata=1046/1kb, request=0/0b]","bytes_wanted":8054125476,"bytes_limit":8053063680,"durability":"PERMANENT"},"status":429
{“customer_id”: “6c4a385b-2ae8-4f02-a9cd-ef24addfb5b3”, “subscription_id”: “32d4073f-dc2f-4056-a868-842727c637cd”}