With the email output plugin I can't work out how to get it to dump the whole event. Seems like I have to specify the fields that I want.
Trouble is that it's schemaless, unless I go and specify every field that might ever exist the email lacks the information.
I want to be able to do something like email output use rubydebug codec. So it's just a dump of the event and all the available context.
A side but related, anyway to get it to also put a link in the email to the event in kibana?
Thanks
With the email output plugin I can't work out how to get it to dump the whole event. Seems like I have to specify the fields that I want.
Yeah, it just doesn't do that right now. You could use a ruby filter to dump all of the message to a field, but then that field would be shipped to other outputs as well. In Logstash 1.5 you could store the field dump as a subfield of @metadata since that field doesn't propagate to outputs.
A side but related, anyway to get it to also put a link in the email to the event in kibana?
I don't think Kibana supports that kind of deep links. If it did, keep in mind that the document id that exactly identifies a log message isn't known by Logstash since it's assigned by Elasticsearch. If you need to access it through Logstash you'll have to generate a sufficiently unique id yourself and configure the elasticsearch output plugin to use it.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.