Tried make this work few moths back, gave up. Issue again on head. Lesson giving up does fix the problem. I have this Java applicaiton running on JBoss server and it writes Log4j files. The files go like 1 gb and rotate. Hence important I use ELK to make any sense out of it. The log4j log has following entries
14 Jan 2017 11:32:36,113 INFO STDOUT:? - [B@99541e35
14 Jan 2017 11:32:36,113 INFO STDOUT:? -
14 Jan 2017 11:32:36,113 INFO STDOUT:? -
14 Jan 2017 11:32:36,113 DEBUG AppLogger:? - 0,,com.prod.rout.core,DEBUG,ThreadPool-0-1 testDriver COM - AppInterface send success for message with unique id 42f5g34f-754d-3453-s3ffd-aa4433fffs
14 Jan 2017 11:32:36,113 DEBUG AppLogger:? - 0,,com.prod.module,DEBUG,sent response --> 000 00000 9999999999999999
Thanks for sharing that info. Yes I did try and seems the pattern is not working out correct. Reason I think so is that logstash waits after launch not scrolling any data on console which it does if it was able to match the pattern. I tried using the log4j pattern on the log4j config and then using the constructor site tried generating the grok pattern. I was able to load a test file with corresponding know pattern hence I feel the setup is ok,
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.