Log4j add more fields

Elastic Stack Elasticsearch
1

I have setup to write log4j logs to elasticsearch. However it only maps log4j default fields such as level, message and etc. Full log message contains session id in the console log but that part is not mapped by default in the index mapping in ES. Any solution to map new field to index mapping? please advice me.

Here is the appender I used ,

<Elasticsearch name="elasticsearchAsyncBatch">
			<IndexName indexName="test-000001"/>
			<AsyncBatchDelivery>
				    <JestHttp serverUris="http://localhost:9200">
				  	</JestHttp>
			</AsyncBatchDelivery>
		</Elasticsearch>

Here is the mapping. This should include

{
			  "mapping": {
				"index": {
				  "properties": {
					"level": {
					  "type": "text",
					  "fields": {
						"keyword": {
						  "type": "keyword",
						  "ignore_above": 256
						}
					  }
					},
					"loggerName": {
					  "type": "text",
					  "fields": {
						"keyword": {
						  "type": "keyword",
						  "ignore_above": 256
						}
					  }
					},
					"message": {
					  "type": "text",
					  "fields": {
						"keyword": {
						  "type": "keyword",
						  "ignore_above": 256
						}
					  }
					},
					"thread": {
					  "type": "text",
					  "fields": {
						"keyword": {
						  "type": "keyword",
						  "ignore_above": 256
						}
					  }
					},
					"timeMillis": {
					  "type": "long"
					}
				  }
				}
			  }
			}
2

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.