Accessing individual values in a logstash

I'm trying to mask some values in the logs but looks like it's not working because of the log format.
Here is the format:

     "_source": {
    "log": "2021-01-24 07:15:37 +0000 [warn]: #0 dump an error event: error_class=Fluent::Plugin::ElasticsearchErrorHandler::ElasticsearchError error=\"400 - Rejected by Elasticsearch\" location=nil tag=\"myapp-tag\" time=2021-01-24 07:15:32.694763042 +0000 record={\"method\"=>\"GET\", \"path\"=>\"/404\", \"format\"=>\"html\", \"controller\"=>\"ErrorsController\", \"action\"=>\"not_found\", \"status\"=>404, \"duration\"=>2.66, \"view\"=>0.38, \"params\"=>{\"path\"=>\"/etc/<canary>\", \".ico\"=>nil}, \"app_name\"=>\"myapp-name\", \"host\"=>\"\", \"remote_id\"=>\"\"}\n"

For example, how do I access app_name?

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.