Collectives™ on Stack Overflow
Find centralized, trusted content and collaborate around the technologies you use most.
Learn more about Collectives
Teams
Q&A for work
Connect and share knowledge within a single location that is structured and easy to search.
Learn more about Teams
I have an source from syslog proto in fluentd, but the line is not fully syslog compliant.
142>May 31 16:22:56 haproxy[77]: {"ident":"haproxy","client_ip":"172.20.1.3","c....}
I need to parse the json part before submitting it to elasticsearch/kibana.
how would you do that? This is producing me a "failed to parse message data"
<source>
@type syslog
port 514
tag haproxy-logs
<parse>
@type json
</parse>
key_name log
</source>
I also tried a standard syslog input, whithout parsing. and a filter whith json parser, but whitout success.
thanks
Thanks for contributing an answer to Stack Overflow!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.