"_jsonparsefailure"

Brendao · February 17, 2017, 9:19am

Comme ceci ? :

"message" => "{\\\"EventTime\\\":\\\"2017-02-17 09:39:33\\\",\\\"Hostname\\\":\\\"xxxx00051.xxxxxxx.local\\\",\\\"Keywords\\\":-9223372036854775792,\\\"EventType\\\":\\\"INFO\\\",\\\"SeverityValue\\\":2,\\\"Severity\\\":\\\"INFO\\\",\\\"EventID\\\":1,\\\"SourceName\\\":\\\"Microsoft-Windows-Kernel-General\\\",\\\"ProviderGuid\\\":\\\"{A68CA8B7-004F-D7B6-A698-07E2DE0F1F5D}\\\",\\\"Version\\\":1,\\\"Task\\\":0,\\\"OpcodeValue\\\":0,\\\"RecordNumber\\\":503919,\\\"ProcessID\\\":1996,\\\"ThreadID\\\":1184,\\\"Channel\\\":\\\"System\\\",\\\"Domain\\\":\\\"AUTORITE NT\\\",\\\"AccountName\\\":\\\"Syst\\xE8me\\\",\\\"UserID\\\":\\\"Syst\\xE8me\\\",\\\"AccountType\\\":\\\"User\\\",\\\"Message\\\":\\\"L’heure système est passée de ‎2017‎-‎02‎-‎17T08:32:52.968943900Z à ‎2017‎-‎02‎-‎17T08:39:33.439000000Z.\\\\r\\\\n\\\\r\\\\nRaison de la modification : Une application ou un composant système a modifié l’heure.\\\",\\\"Opcode\\\":\\\"Informations\\\",\\\"NewTime\\\":\\\"2017-02-17T08:39:33.439000000Z\\\",\\\"OldTime\\\":\\\"2017-02-17T08:32:52.968943900Z\\\",\\\"Reason\\\":\\\"1\\\",\\\"EventReceivedTime\\\":\\\"2017-02-17 09:41:30\\\",\\\"SourceModuleName\\\":\\\"eventlog\\\",\\\"SourceModuleType\\\":\\\"im_msvistalog\\\"}\\r",
      "@version" => "1",
    "@timestamp" => "2017-02-17T08:36:21.448Z",
          "host" => "192.168.x.x",
          "port" => 53495,
          "type" => "nxlog",
          "tags" => [
        [0] "tcpjson",
        [1] "_jsonparsefailure"
    ]
}

Topic		Replies	Views
Problème pour parser un fichier JSON à l'aide de Logstash Discussions en français	6	1903	July 6, 2017
Getting _jsonparsefailure in logstash Logstash	3	16529	July 6, 2017
Logstash JSON codec Logstash	3	1153	July 6, 2017
Having issues parsing json Logstash	15	2006	July 19, 2019
Json parsing problem tcp input Logstash	9	3027	March 27, 2019

"_jsonparsefailure"

Related topics