{"className":"HomePageBusiness.java","msisdn":"912345678902","method":"HOMEPAGE","externalAPI":"My project info","message":"Delta this is successfull","timestamp":"2022/04/06 21:49:14","timeElapsed":"0:0:0:109"}
This is a custom generated logs pattern for monitoring API response which is 109 milliseconds in last. I want to show it on kibana, I am really a newbie, can someone help me to convert this unstructured data into structured data. Please guide how to write logstash filter for it.
That is JSON, so you can use a json filter to parse it.
json { source => "message" remove_field => [ "message" ] }
To show the response time in kibana it will probably be better to normalize timeElapsed to milliseconds
ruby {
code => '
timeElapsed = event.get("timeElapsed")
if timeElapsed
timeElapsed = timeElapsed.split(":")
if timeElapsed.length == 4
event.set("timeElapsedMs", timeElapsed[3].to_i + 1000 * timeElapsed[2].to_i + 60000 * timeElapsed[1].to_i + 3600000 * timeElapsed[0].to_i)
end
end
'
}This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.