elasticsearch - fluentd parse log partially json

Collectives™ on Stack Overflow

Find centralized, trusted content and collaborate around the technologies you use most.

Learn more about Collectives

Teams

Q&A for work

Connect and share knowledge within a single location that is structured and easy to search.

Learn more about Teams

I have an source from syslog proto in fluentd, but the line is not fully syslog compliant.

142>May 31 16:22:56 haproxy[77]: {"ident":"haproxy","client_ip":"172.20.1.3","c....}
I need to parse the json part before submitting it to elasticsearch/kibana.
how would you do that? This is producing me a "failed to parse message data"
<source>
  @type syslog
  port 514
  tag haproxy-logs
  <parse>
    @type json
  </parse>
  key_name log
</source>
I also tried a standard syslog input, whithout parsing. and a filter whith json parser, but whitout success.
thanks
        Thanks for contributing an answer to Stack Overflow!
Please be sure to answer the question. Provide details and share your research!
But avoid …
Asking for help, clarification, or responding to other answers.
Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.

推荐文章

瘦瘦的棒棒糖 · 关于执行策略 - PowerShell | Microsoft Learn

3 周前

没有腹肌的香菇 · sim800c中支持的密码套件是什么？-腾讯云开发者社区-腾讯云

6 月前

没读研的足球 · Centos7安装opencv-python缺少共享库(libSM.so.6） - 简书

1 年前

可爱的山羊 · Python range() 函数 | 菜鸟教程

1 年前

腼腆的手链 · ChEA3: transcription factor enrichment analysis by orthogonal omics integration - PMC

1 年前