Hi folks, can't get this one right.... I have a file that contains json
formatted events (example below). I'm having issues with logstash parsing
the message. I've tried different options.
my input reading the file below.
I've tried many options (a few hours worth). Without naming them all, does
anyone know the proper way they would do this? I want to get all the json
fields in logstash to send to elasticsearch.
Thank you!
Chris
____________
<Extension dicom-multi>
Module xm_multiline
#2014-07-31T18:59:57-0400
HeaderLine /^\d\d\d\d.\d\d.\d\dT\d\d:\d\d:\d\d-0400/
</Extension>
<Input input>
Module im_file
File 'C:\Users\10327125\ELK\TE2RestOut2.txt'
InputType dicom-multi
ReadFromLast False
CloseWhenIdle TRUE
SavePos False
</Input>
_
Example Jason:
______
2014-08-03T12:23:14-0400[{"open":"2014-08-03T13:00:00.000+0000","close":"2014-08-04T01:00:00.000+0000","isOpen":true,"date":"2014-08-03"}]
------------------------------------------------------------------------------
Want fast and easy access to all the code in your enterprise? Index and
search up to 200,000 lines of code with a free copy of Black Duck
Code Sight - the same software that powers the world's largest code
search on Ohloh, the Black Duck Open Hub! Try it now.
http://p.sf.net/sfu/bds
_______________________________________________
nxlog-ce-users mailing list
nxlog-ce-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nxlog-ce-users
