elasticsearch - fluentd parse log partially json

相关文章推荐

气宇轩昂的葫芦 · 【瑞驰新能源EC55】瑞驰新能源_瑞驰新能源 ...· 1 年前 ·

焦虑的面包 · 袁宝璟老婆卓玛是不是唱歌哪个卓玛_头条· 1 年前 ·

高大的热带鱼 · 推文｜夜深人静的时候👀第三弹 - 知乎· 1 年前 ·

精明的猴子 · 南锣鼓巷地铁_中高级轿车市场“头部之争”为何 ...· 1 年前 ·

冷静的帽子 · 降价潮席卷全国！车企尽数参战，业内直呼负和博 ...· 1 年前 ·

Collectives™ on Stack Overflow

Find centralized, trusted content and collaborate around the technologies you use most.

Learn more about Collectives

Teams

Q&A for work

Connect and share knowledge within a single location that is structured and easy to search.

Learn more about Teams

I have an source from syslog proto in fluentd, but the line is not fully syslog compliant.

142>May 31 16:22:56 haproxy[77]: {"ident":"haproxy","client_ip":"172.20.1.3","c....}
I need to parse the json part before submitting it to elasticsearch/kibana.
how would you do that? This is producing me a "failed to parse message data"
<source>
  @type syslog
  port 514
  tag haproxy-logs
  <parse>
    @type json
  </parse>
  key_name log
</source>
I also tried a standard syslog input, whithout parsing. and a filter whith json parser, but whitout success.
thanks
        Thanks for contributing an answer to Stack Overflow!
Please be sure to answer the question. Provide details and share your research!
But avoid …
Asking for help, clarification, or responding to other answers.
Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.

推荐文章

气宇轩昂的葫芦 · 【瑞驰新能源EC55】瑞驰新能源_瑞驰新能源EC55报价_瑞驰新能源EC55图片_汽车之家

1 年前

焦虑的面包 · 袁宝璟老婆卓玛是不是唱歌哪个卓玛_头条

1 年前

高大的热带鱼 · 推文｜夜深人静的时候👀第三弹 - 知乎

1 年前

精明的猴子 · 南锣鼓巷地铁_中高级轿车市场“头部之争”为何是“凯迈之争”？_太平洋汽车网

1 年前

冷静的帽子 · 降价潮席卷全国！车企尽数参战，业内直呼负和博弈，车市总盘子会缩水吗_财经_中国网

1 年前