Yeah sorry, forgot there was a link and missed it when I was scanning - too used to looking for actual json.
Can you share what the output is with the message_key enabled?
It looks like it mashes the whole record into the "message" property.
Any thoughts?
Still trying to work out how to push the data so I can run reports against it. Should I be trying to pre-process the (json) logs to strip the /n out? That seemed to net the best result. If I do, is there a way to archive them so they don't get reprocessed next run?
Hoping this thread doesn't get abandoned.
I don't have the experience or knowledge to help on that sorry.
Ok. Any idea who might?