Hello,
I am using Log4j2 to export the log fie to JSON format. Some of the lines are:
{
"timeMillis" : 1455729263723,
"thread" : "main",
"level" : "INFO",
"loggerName" : "org.eclipse.jetty.util.log",
"message" : "Logging initialized @1764ms",
"endOfBatch" : false,
"loggerFqcn" : "org.eclipse.jetty.util.log.Slf4jLog"
}
{
"timeMillis" : 1455729263848,
"thread" : "main",
"level" : "INFO",
"loggerName" : "org.eclipse.jetty.server.Server",
"message" : "jetty-9.2.14.v20151106",
"endOfBatch" : false,
"loggerFqcn" : "org.eclipse.jetty.util.log.Slf4jLog"
}
{
"timeMillis" : 1455729264005,
"thread" : "main",
"level" : "INFO",
"loggerName" : "/hhhh",
"message" : "Initializing log4j from [C:\\Development\\workspace\log4j.properties]",
"endOfBatch" : false,
"loggerFqcn" : "org.eclipse.jetty.util.log.Slf4jLog"
}Now I have Json log file and would like to create index and get some visualizations from this log file. As far as I know, I have 2 options:
1. create index using LogStash or
2. directly post that file using curl. I prefer second option since I already have json log file. So that I ran following command:
It DOES NOT create index If I see the list of indices. But if I run following command:
It posts first one since I declared "/1" at the end of the command. But even if I ran last one, Kibana could not find indices but index was created if I list them. So my questions are:
- Does Kibana have some requirements for JSON format? (There must be a field called @timestamp etc)
- To post json file to ES, can I specify path to the file?
- Should I use LogStash instead of directly posting JSON file to the ES? Which one is the best way to do it?
Any advice would be appreciated. Thanks