Hi All, i am new to logstash kv , i am tring to parse message that look like
{"HOSTNAME":"XXX","level":"INFO","logger_name":"elkUaLog","serviceName":"services-log","profile":"localdev","eurekaInstanceId":"services-log:2fe14fcfac1ad6581d7dc967b10463aa","message":"user-activity","eventName":"user-activity","eventType":"change","elementType":"input","inputType":"checkbox","fieldName":"deal.treatmentLead.cb163d89dbe-d6e7-4684-b9f1-37d2ef73380f","value":true,"timestamp":"1/15/2018, 1:25:06 PM","timeSinceStarted":"4.0 Sec","browser":"Chrome 63"}
i wrote filter
kv {
{ field_split => ",?"},
{ source => "message" },
{ value_split => ":" }
}
but i am getting error
can any one help ?
