I'm trying to write event log messages from specific source to kafka.
The problem is that all textual event fields are written to kafka in chinese.
Because of that:
- filter is not working (the if statement for specific source is wrong because source nume equals to chinese instead of real value)
- when removing the filter all textual event fileds are shown in chinese in kafka.
(writing just text works fine)
tried also to add encoding without success.
here is my configuration:
input {
eventlog {
logfile => 'Application'
codec => plain{
charset => 'Windows-31J'
}
}
}
output {
kafka {
codec => "json"
bootstrap_servers => "10.1.70.101:9092"
topic_id => "eventlog"
}
}
and here is my output in kafka:
{"EventType":"湩潦浲瑡潩�","TimeGenerated":"2018-02-07T09:54:03.000Z","@version":"1","SourceName":"畏汴潯�","host":"m2044248-w7","Category":0,"ComputerName":"㉭㐰㈴㠴眭⸷汴潧汩","User":null,"EventIdentifier":63,"Logfile":"Application","@timestamp":"2018-02-07T11:04:33.524Z","RecordNumber":177273,"InsertionStrings":["桔硅档湡敧眠扥猠牥楶散爠煥敵瑳䜠瑥灁䵰湡晩獥獴猠捵散摥摥"],"TimeWritten":"2018-02-07T09:54:03.000Z","Type":"湩潦浲瑡潩�","message":"桔硅档湡敧眠扥猠牥楶散爠煥敵瑳䜠瑥灁䵰湡晩獥獴猠捵散摥摥�"}
I'll be very gratefull for your help !
thanks,
Gitit