Invalid JSON somewhere in pipeline

Can't add multiple categories, but this involves APM as well.

Logs flow apm-agent-java -> stdout -> journald -> rsyslog -> logstash -> elasticsearch.
At the end I end up with a document like this

  "message": "{\"@version\":\"1\",\"@timestamp\":\"2019-04-01T15:55:28.060841+00:00\",\"type\":\"rsyslog\",\"message\":\"2019-04-01 15:55:28.059 [apm-reporter] INFO - Backing off for 0 seconds (\xB110%)\",\"hostname\":\"my-host\",\"severity\":\"info\",\"facility\":\"daemon\",\"programname\":\"java\",\"procid\":\"29369\",\"msgid\":\"-\"}\n",
  "tags": ["_jsonparsefailure"]

I assumed it was the \xB1 but have been unable to reproduce using syslog directly: both logger '\xB1' and logger '±' end up with correctly-encoded JSON sent to logstash. Perhaps I need to set something in the process that the APM agent is instrumenting?

@felixbarny perhaps?

Hm, it's probably best if we only log ascii characters in the agent... I'll change that.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.