Logstash Unexpected character ('-' (code 45)): was expecting comma to separate Array entries

Rahul_Ravichandran · March 24, 2020, 11:35am

Hi i am trying to move my application logs to kibana through logstash.
1.This is my logstash.conf file:

input {
     file {
    path  => "/home/ubuntu/*"
  }
}
filter {
	  
    json {
        source => "message"
    }
}

output {
  amazon_es {
    hosts => ["*****************************************"]
    region => "us-east-1"
    index => "stash"
    #user => "elastic"
    #password => "changeme"
  }
}

when i try to run the config file this what the output i get:

[WARN ] 2020-03-24 11:15:34.878 [[main]>worker1] json - Error parsing json {:source=>"message", :raw=>"[2020-03-24 11:15:33] file_db_logger.INFO: {\"Code\":\"BGDRIF947\",\"Message\":\"Total items backup today\",\"time\":1585048533,\"userId\":\"*************\",\"businessUserId\":\"**********\",\"cloudId\":1,\"domainId\":\"****\",\"additionalInfo\":\"389,395,0\"} [] []", :exception=>#<LogStash::Json::ParserError: Unexpected character ('-' (code 45)): was expecting comma to separate Array entries

kindly help me out with this

Badger · March 24, 2020, 12:32pm

That is not valid JSON. You could parse the prefix off using dissect.

Rahul_Ravichandran · March 24, 2020, 12:51pm

Hi Badger, Thank for replying will try it

Rahul_Ravichandran · March 27, 2020, 12:28pm

Hi

Dissect dint work for me but i used this

input {
  file {
    path  => "/home/ubuntu/*"
    start_position => "beginning"
  }
}
filter {

   grok {
    match => { "message" => "(?<jsonf>({.*}))"}
  }
  json {
            source => "jsonf"
  }
  mutate {
        remove_field => [ "message","jsonf" ]
      }
}

output {
  amazon_es {
    hosts => ["***********************"]
    region => "us-east-1"
    index => "lgs-%{+YYYY.MM.dd}"
    #user => "elastic"
    #password => "changeme"
  }
}

It dint show up any error says that "logstash API started successfully "
But still i am not able to see up the index created in kibana . I am using AWS Elasticsearch.
My server has a full permission to Elastic Search.
So, what am i doing wrong here

fadjar340 · March 28, 2020, 3:00am

Try put:

codec => "json" into the input

Regards,
Fadjar Tandabawana

Rahul_Ravichandran · March 30, 2020, 8:05am

Hey guys thank for you time Actually i was giving my log file path wrongly other than that the configurations works perfectly.

Topic		Replies	Views
Logstash throwing error .Unexpected character (‘<’ (code 60)) Logstash	12	3582	September 18, 2019
Error parsing json in Logstash Logstash	2	5532	August 16, 2017
Logstash parsing json Logstash	9	858	March 29, 2021
Logstash Json Parsing Error Logstash	2	285	August 25, 2023
Parse Logstash.log with logstash Logstash	2	739	July 6, 2017

Logstash Unexpected character ('-' (code 45)): was expecting comma to separate Array entries

Related topics