ES(5.x)-to-JSON logging log4j.properties example/snippet

Hello everybody,

I am trying to get ES to log to JSON with https://github.com/vy/log4j2-logstash-layout, but can not get it to work. The examples I found are using the deprecated logging.yml.

Does anybody have an example of a working configuration?

This was already asked here, but @anishm wasn't fortunate enough to get a reply.

Happy day!
Will

Anybody?

Can I provide more information or enhance the question in any way to elicit a reply?

...not giving up yet!

Surely someone else has gotten ES to log JSON? It would be bonkers, if one of the main component of the tool set that so strongly endorses structured logging, can't easily be swayed into structured logging itself. No?

Got it! Thanks for nothing, lads!

1. Add the following to log4j2.properties:

appender.json_file.type = file
appender.json_file.name = json_file
appender.json_file.fileName = ${sys:es.logs}-json.log
appender.json_file.layout.type = JSONLayout
appender.json_file.layout.compact = true
appender.json_file.layout.eventEol = true
rootLogger.appenderRef.json_file.ref = json_file

2. Add the following to $JAVA_HOME/lib/security/java.policy:

grant {
  permission java.lang.RuntimePermission "accessDeclaredMembers";
  permission java.lang.reflect.ReflectPermission "suppressAccessChecks";
};

3. Download http://repo1.maven.org/maven2/com/fasterxml/jackson/core/jackson-annotations/2.8.1/jackson-annotations-2.8.1.jar and http://repo1.maven.org/maven2/com/fasterxml/jackson/core/jackson-databind/2.8.1/jackson-databind-2.8.1.jar to /usr/share/elasticsearch/lib.

Sources:

• https://github.com/elastic/elasticsearch/issues/22103
• http://docs.oracle.com/javase/7/docs/technotes/guides/security/PolicyFiles.html

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.