I have a json log files which is in multi line json format and i need to send it to elasticsearch as it is. how can i do it?
Welcome to the community!
Can you provide us with a sample?
There is multiline codec as well as json codec. You should have something like this
input {
file {
path => ['/path/file.json']
codec => multiline {
pattern => '^{'
negate => true
what => previous
}
}
}
filter {
json {
source => "message"
}
}
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.