Logstash XML parsing failure due to no namespace defined

Saravana_Maadavan · May 3, 2020, 6:10pm

Hello,

I would like to store XMLs in elastic, so when I give "store_xml => true", I get a parsing exception because my whole XML is wrapped by a tag "<C:Message>" and the prefix "C" is not having any definition unfortunately (I know it is wrong implementation but the centralized logging framework is adding this parent tag, so would not be able to change). Now to overcome this, is there any solution such as add namespace or remove a particular prefix as such? I do not want to remove all the prefixes present in the document.

Sample XML:

<C:Message>
<Date>03-05-2020</Date>
<Time>11:00:34</Time>
<SOAP-ENV:Body>
<Customer>2432532</Customer>
</SOAP-ENV:Body>
</C:Message>

Cheers,
Maadavan

Saravana_Maadavan · May 5, 2020, 5:27am

Logstash Team,

Help or suggestions required here. Kindly do.

Cheers,
Maadavan

Badger · May 5, 2020, 3:29pm

You could use mutate+gsub to remove those.

Saravana_Maadavan · May 7, 2020, 8:51pm

@Badger,

Thanks a lot, your solution worked for replacing the necessary contents. However facing another exception while parsing huge XMLs. Have opened a new topic for the same. Marking your answer as solution.

https://discuss.elastic.co/t/logstash-throws-runtime-exception-while-parsing-huge-xml/231621

Cheers,
Maadavan

system · June 4, 2020, 8:51pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Filter XML plugin namespace available? Logstash	1	268	October 12, 2022
Logstash throws runtime exception while parsing huge XML Logstash	6	590	June 18, 2020
Error parsing xml with XmlSimple / UndefinedNamespaceException: undefined prefix log4j found Logstash	3	451	October 10, 2022
Xml parcing problem Logstash	5	337	July 9, 2019
Struggling to parse XML using Logstash Logstash	1	278	October 13, 2020

Logstash XML parsing failure due to no namespace defined

Related topics