My 'message' contains a stacktrace / exception error like below.
But the string is not easy to read in Kibana. I need to insert new lines on each trace line.. so it's neat and tidy etc..
I've read that I can use scripted fields to achieve this, and the painless would look like this?
doc['message'].value = "\n" + " "
But the script does not work. How can I replace \n in the strack trace so my messages are on new lines in Kibana?
[2018-06-07 11:02:33] testing.ERROR: Class 'App\Http\Controllers\Deal' not found {"exception":"[object] (Symfony\Component\Debug\Exception\FatalThrowableError(code: 0): Class 'App\Http\Controllers\Deal' not found at /app/Http/Controllers/TestingSyslogController.php:13)\n[stacktrace]\n#0 [internal function]: App\Http\Controllers\TestingSyslogController->index()\n#1 /vendor/laravel/framework/src/Illuminate/Routing/Controller.php(54): call_user_func_array(Array, Array)\n#2 /vendor/laravel/framework/src/Illuminate/Routing/ControllerDispatcher.php(45): Illuminate\Routing\Controller->callAction('index', Array)\n#3 /vendor/laravel/framework/src/Illuminate/Routing/Route.php(212): Illuminate\Routing\ControllerDispatcher->dispatch(Object(Illuminate\Routing\Route), Object(App\Http\Controllers\TestingSyslogController), 'index')\n#4 /vendor/laravel/framework/src/Illuminate/Routing/Route.php(169): Illuminate\Routing\Route->runController()\n#5
Amazed there are no working examples of stack trace handling in kibana. I tried logstash & grok filtering already.... was hoping this scripted fields might offer a good alternative.
I might just write a custom log in json format and send it directly to logstash.
You need to parse that at index time itself. Scripted field will get you there, and is the only option if it's already indexed, but not a prob for Kibana to solve, the workflow for that is done pre-kibana.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.