How to process Different values for same key


(Fredrick Yessaian) #1

Hi,

Please check below log messages.. I am creating JSON string from my application and processing through ELK..

the data under the key logMessage are not same in all lines.. Line 1 & 6 has another JSON Object as value.. Also the JSON String with in logMessages in 1 & 6 itself is different. I have another JSON Object with in the JSON Object.
So my question is since I have 3 different types for logMessage values.. Do I have to created different keys for each type.. so that Elastic search will create proper indexes?
Guide me How should I consider these 3 different types?

Thanks
Fredrick

Line 1 : {"loggingTime":"Fri 12 May 2017 12-39-38 632 EDT","applicationName":"RestService","hostName":"HOSTNAME1","loglevel":"INFO","threadName":"WebContainer : 0","logMessage":{"hostName":"LOT_CONTROL_SIM_2","ipAddress":"111.111.111.111","port":40000,"routerPort":0,"terminalDescription":"LOT CONTROL SIM 2","locatedProcessPointId":"SIMPP01","divisionId":"SIMDIV01","afTerminalFlag":"GALCv1","processPoint":{"processPointId":"SIMPP01","processPointName":"LOT_CONTROL_SIM_2","processPointDescription":"","processPointTypeId":5,"siteName":"SITESIM01","plantName":"SIMPLANT01","divisionId":"SIMDIV01","divisionName":"AF","lineId":"SIMLINE01","lineName":"AF ON","backFillProcessPointId":"","sequenceNumber":0,"trackingPointFlag":0,"recoveryPointFlag":0,"passingCountFlag":1,"createTimestamp":"2017-05-11 08:07:44.752 EDT","updateTimestamp":"2013-01-09 14:43:30.000 EST"},"createTimestamp":"2017-05-11 08:07:44.794 EDT"}}
Line 2 : {"loggingTime":"Fri 12 May 2017 12-39-42 281 EDT","applicationName":"RestService","hostName":"HOSTNAME1","loglevel":"INFO","threadName":"WebContainer : 0","logMessage":"Received REST Service request WebStartClientDao.findByKey from 111.111.111.111"}
Line 3 : {"loggingTime":"Fri 12 May 2017 12-39-42 281 EDT","applicationName":"RestService","hostName":"HOSTNAME1","loglevel":"INFO","threadName":"WebContainer : 0","logMessage":"No Parameters in JSON payload for WebStartClientDao.findByKey from 111.111.111.111"}
Line 4 : {"loggingTime":"Fri 12 May 2017 12-39-42 281 EDT","applicationName":"RestService","hostName":"HOSTNAME1","loglevel":"INFO","threadName":"WebContainer : 0","logMessage":"Raw query string received for WebStartClientDao.findByKey from 111.111.111.111: VNWQ63213"}
Line 5 : {"loggingTime":"Fri 12 May 2017 12-39-42 281 EDT","applicationName":"RestService","hostName":"HOSTNAME1","loglevel":"INFO","threadName":"WebContainer : 0","logMessage":"Decoded REST parameters received in query string for WebStartClientDao.findByKey from 111.111.111.111: VNWQ63213"}
Line 6 : {"loggingTime":"Fri 12 May 2017 12-39-42 286 EDT","applicationName":"RestService","hostName":"HOSTNAME1","loglevel":"INFO","threadName":"WebContainer : 0","logMessage":{"ipAddress":"VNWQ63213","hostName":"LOT_CONTROL_SIM_2","buildId":"DEFAULT","restartInSecs":-1,"heartBeatTimestamp":"2017-05-12 12:38:28.931 EDT","createTimestamp":"2017-05-11 08:07:58.367 EDT","updateTimestamp":"2017-05-12 12:38:28.942 EDT"}}


(system) #2

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.