Hi, I have JSON logs for a nginx container in which I host a web application.
These logs are not shown always to Kibana (more below), but I can see them processed by Logstash docker container logs.
When I remove some fields from the nginx output (for example, the user-agent and some other fields), then this logs are shown in Kibana.
I guess if there is a log limit size (some few kb) to the logs indexable by elasticsearch ?
If so, how can I change that ?
As I mentioned above the logs are shown fine if I remove most of the details and just let for example
{"time_local":"15/May/2019:20:37:54 +0000","request":"GET /persona-afer?ref=header HTTP/1.1","status": "200","body_bytes_sent":"4228","request_time":"1.658","http_referrer":"https://www.test.dev/home?ref=header"}
If I add the other fields also (user agent and so on), the log obviously is bigger and for some reason is not shown in kibana..., but in the logstash docker container is shown properly (the logs come from filebeat to logstash)
Any idea ? I am using all latest ELK 7.0.1