Hi everyone
I am new to the Elastic Stack and I am trying to parse multiline logs for the first time (like this):
2018-06-04 13:42:01,436 INFO (main) [en.vke.ultil.ServerStateChecker] - Server is not ready yet : Could not obtain connection to any of these urls: 127.0.0.1:1099 and discovery failed with error: javax.naming.CommunicationException: Receive timed out [Root exception is java.net.SocketTimeoutException: Receive timed out]
at $Proxy11.getServerState(Unknown Source)
Caused by: java.net.SocketTimeoutException: Receive timed out
I am using this pattern:
%{TIMESTAMP_ISO8601:timestamp} %{LOGLEVEL:loglevel} (%{DATA:info}) %{SYSLOG5424SD:service} - %{GREEDYDATA:logmessage}
When I show the output with the stdout codec it is working as I want and I have:
Server is not ready yet : Could not obtain connection to any of these urls: 127.0.0.1:1099 and discovery failed with error: javax.naming.CommunicationException: Receive timed out [Root exception is java.net.SocketTimeoutException: Receive timed out]
at $Proxy11.getServerState(Unknown Source)
Caused by: java.net.SocketTimeoutException: Receive timed out
in the "logmessage" field.
But when I query Elasticsearch to see the data, the field is empty and the lines aren't parsed, but they are written outside the field.
I don't know why it is acting differently so I'm requesting some help or hints to help me fix this.
Thanks!