What is [1332914]? What is [40809]? Why is everything inside square brackets? What's with the trailing spaces after 'monitor.jvm'? Are you trying to make things easier for a human to read? Where in your documentation does it breaks out the field keys for values like "old". What's "old", what should I call that [(parameter)]?
This is very hard to grok with Logstash. You make both Elasticsearch and Logstash, so this is just disappointing I guess.
For posterity, [1332914] looks like its the number of times the gc checker thread woke up and looked at GC info. I'm not sure what good it does but yeah.
I actually really like having non-message stuff in some kind of marker. Square brackets are painful to regex so I wouldn't have chosen them but I'll take them over nothing.
This is the logging category, spaced out to 25 characters and left aligned. Its pretty standard to do that kind of thing when logging in java. I like it. The rest of the line is a ton of stuff all crammed together so its hard to read even if you know what it all means.
I dunno. Its almost certainly missing. "old" is Elasticsearch normalizing the JVM's names for its memory pools. Its probably "CMS Old Gen" if you are using the default configuration. I honestly tend to use Java's GC logging when I want to debug this sort of thing. Its more standard so its easier to look up on google.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.