I have a RabbitMQ sending 3 fields in JSON format and it is being consumed by Logstash rabbitmq input plugin.
One of the fields is a JSON array of strings as follows:
"content": [
"1111",
"2222222",
"Test 06",
"3",
"3232",
"SomeValue1"
]
How could I make each entry of that string into a field so that I can quickly discover and visualize in Kibana from the available fields? Right now I see "content" with that full string.
The JSON array string size changes depending on another field, eventID. Would it be possible to dynamically map the values in that string to specific names depending on the eventID?
Such as:
"eventID": 1,
"content": [
"name1": "1111",
"name2": "2222222",
"name3": "Test 06",
"name4": "3",
"name5": "3232",
"name6": "SomeValue1"
]
"eventID": 2,
"content": [
"othername1": "3434",
"othername2": "Test 10",
"othername3": "876",
"othername4": "Some String7"
]
I would like to have the name* and othername* in the available fields. Any help would be appreciated.