How to parse mix json logs file

'''''''''
{"tool": {"driver": {"name": "Shell Script Analysis", "version": "1.0.0-scan", "fullName": "Shell Script Analysis"}}, "conversion": {"tool": {"driver": {"name": "@ShiftLeft/sast-scan"}}, "invocation": {"arguments": ["-a", "--shell=bash", "-f", "json", "-S", "error", "--color=never", "/app/shiftleft-scan.sh"], "executionSuccessful": true, "commandLine": "-a --shell=bash -f json -S error --color=never /app/shiftleft-scan.sh", "endTimeUtc": "2020-09-30T12:41:15Z", "workingDirectory": {"uri": "file:///var/lib/jenkins/workspace/shiftleft-pipeline"}}}, "invocations": [{"executionSuccessful": true, "endTimeUtc": "2020-09-30T12:41:15Z", "workingDirectory": {"uri": "file:///var/lib/jenkins/workspace/shiftleft-pipeline"}}], "properties": {"metrics": {"total": 0, "critical": 0, "high": 0, "medium": 0, "low": 0}}, "results": , "automationDetails": {"description": {"text": "Static Analysis Security Test results using @ShiftLeft/sast-scan"}, "guid": "7f7b90b9-1338-42dc-bf5b-4701fd852c05"}, "versionControlProvenance": [{"branch": "master", "repositoryUri": "https://github.com/CSPF-Founder/JavaVulnerableLab", "revisionId": "8f6b34d64ce39b3fa137ef08d40fb86df7ff8b7c"}]}
{"tool": {"driver": {"name": "Security Audit for Infrastructure", "version": "1.0.0-scan", "fullName": "Security Audit for Infrastructure"}}, "conversion": {"tool": {"driver": {"name": "@ShiftLeft/sast-scan"}}, "invocation": {"arguments": ["-s", "--quiet", "--no-guide", "-o", "json", "-d", "/app"], "executionSuccessful": true, "commandLine": "-s --quiet --no-guide -o json -d /app", "endTimeUtc": "2020-09-30T12:41:18Z", "workingDirectory": {"uri": "file:///var/lib/jenkins/workspace/shiftleft-pipeline"}}}, "invocations": [{"executionSuccessful": true, "endTimeUtc": "2020-09-30T12:41:18Z", "workingDirectory": {"uri": "file:///var/lib/jenkins/workspace/shiftleft-pipeline"}}], "properties": {"metrics": {"total": 0, "critical": 0, "high": 0, "medium": 0, "low": 0}}, "results": , "automationDetails": {"description": {"text": "Static Analysis Security Test results using @ShiftLeft/sast-scan"}, "guid": "971caa67-3fb1-4f01-9c1e-cbc50028674e"}, "versionControlProvenance": [{"branch": "master", "repositoryUri": "https://github.com/CSPF-Founder/JavaVulnerableLab", "revisionId": "8f6b34d64ce39b3fa137ef08d40fb86df7ff8b7c"}]}
'''''''''
Need help here!!!

My logstash conf file

'''''
input {
file
{
path => ["scan-full-report.json"]
start_position => "beginning"
sincedb_path => "/dev/null"
codec => "json"
}
}
filter {
json {
source => "message"
}
}
output {
elasticsearch {
hosts => ["http://localhost:9200"]
index => "json-"
}
}
'''''
My kibana messages are the same as the file. And it is not readable and also i am not able to KQL for the batter results

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.