"har_log"=>"{\n "log": {\n "version": "1.2",\n "creator": {\n "name": "Sample Harchive",\n "version": "0.1",\n "comment": "SERVER_NAME: api.sample.local"\n },\n "entries": [\n\n ]\n }\n}"}, @lut={"message"=>[{"@timestamp"=>"2017-01-10T21:19:10.000Z", "beat"=>{"hostname"=>"HOST-123", "name"=>"HOST-123"}, "count"=>1, "input_type"=>"log", "message"=>"2017-01-10T13:19:10-08:00 HEAVYINFO (8): tId-e3789f2da5313c1847d560f7013b3e0f HAR = {\n "log": {\n "version": "1.2",\n "creator": {\n "name": "Sample Harchive",\n "version": "0.1",\n "comment": "SERVER_NAME: api.sample.local"\n },\n "entries": [\n\n ]\n }\n}", "offset"=>224089479, "source"=>"/var/log/request.log", "type"=>"log", "@version"=>"1", "mid"=>"smith-nginx.stage", "timestamp"=>"2017-01-10T13:19:10-08:00", "severity"=>"HEAVYINFO", "severity_level"=>"8", "tid"=>"tId-e3789f2da5313c1847d560f7013b3e0f", "har_log"=>"{\n "log": {\n "version": "1.2",\n "creator": {\n "name": "Sample Harchive",\n "version": "0.1",\n "comment": "SERVER_NAME: api.sample.local"\n },\n "entries": [\n\n ]\n }\n}"}, "message"], "timestamp"=>[{"@timestamp"=>"2017-01-10T21:19:10.000Z", "beat"=>{"hostname"=>"HOST-123", "name"=>"HOST-123"}, "count"=>1, "input_type"=>"log", "message"=>"2017-01-10T13:19:10-08:00 HEAVYINFO (8): tId-e3789f2da5313c1847d560f7013b3e0f HAR = {\n "log": {\n "version": "1.2",\n "creator": {\n "name": "Sample Harchive",\n "version": "0.1",\n "comment": "SERVER_NAME: api.sample.local"\n },\n "entries": [\n\n ]\n }\n}", "offset"=>224089479, "source"=>"/var/log/request.log", "type"=>"log", "@version"=>"1", "mid"=>"smith-nginx.stage", "timestamp"=>"2017-01-10T13:19:10-08:00", "severity"=>"HEAVYINFO", "severity_level"=>"8", "tid"=>"tId-e3789f2da5313c1847d560f7013b3e0f", "har_log"=>"{\n "log": {\n "version": "1.2",\n "creator": {\n "name": "Sample Harchive",\n "version": "0.1",\n "comment": "SERVER_NAME: api.sample.local"\n },\n "entries": [\n\n ]\n }\n}"}, "timestamp"], "severity"=>[{"@timestamp"=>"2017-01-10T21:19:10.000Z", "beat"=>{"hostname"=>"HOST-123", "name"=>"HOST-123"}, "count"=>1, "input_type"=>"log", "message"=>"2017-01-10T13:19:10-08:00 HEAVYINFO (8): tId-e3789f2da5313c1847d560f7013b3e0f HAR = {\n "log": {\n "version": "1.2",\n "creator": {\n "name": "Sample Harchive",\n "version": "0.1",\n "comment": "SERVER_NAME: api.sample.local"\n },\n "entries": [\n\n ]\n }\n}", "offset"=>224089479, "source"=>"/var/log/request.log", "type"=>"log", "@version"=>"1", "mid"=>"smith-nginx.stage", "timestamp"=>"2017-01-10T13:19:10-08:00", "severity"=>"HEAVYINFO", "severity_level"=>"8", "tid"=>"tId-e3789f2da5313c1847d560f7013b3e0f", "har_log"=>"{\n "log": {\n "version": "1.2",\n "creator": {\n "name": "Sample Harchive",\n "version": "0.1",\n "comment": "SERVER_NAME: api.sample.local"\n },\n "entries": [\n\n ]\n }\n}"}, "severity"], "severity_level"=>[{"@timestamp"=>"2017-01-10T21:19:10.000Z", "beat"=>{"hostname"=>"HOST-123", "name"=>"HOST-123"}, "count"=>1, "input_type"=>"log", "message"=>"2017-01-10T13:19:10-08:00 HEAVYINFO (8): tId-e3789f2da5313c1847d560f7013b3e0f HAR = {\n "log": {\n "version": "1.2",\n "creator": {\n "name": "Sample Harchive",\n "version": "0.1",\n "comment": "SERVER_NAME: api.sample.local"\n },\n "entries": [\n\n ]\n }\n}", "offset"=>224089479, "source"=>"/var/log/request.log", "type"=>"log", "@version"=>"1", "mid"=>"smith-nginx.stage", "timestamp"=>"2017-01-10T13:19:10-08:00", "severity"=>"HEAVYINFO", "severity_level"=>"8", "tid"=>"tId-e3789f2da5313c1847d560f7013b3e0f", "har_log"=>"{\n "log": {\n "version": "1.2",\n "creator": {\n "name": "Sample Harchive",\n "version": "0.1",\n "comment": "SERVER_NAME: api.sample.local"\n },\n "entries": [\n\n ]\n }\n}"}, "severity_level"], "tid"=>[{"@timestamp"=>"2017-01-10T21:19:10.000Z", "beat"=>{"hostname"=>"HOST-123", "name"=>"HOST-123"}, "count"=>1, "input_type"=>"log", "message"=>"2017-01-10T13:19:10-08:00 HEAVYINFO (8): tId-e3789f2da5313c1847d560f7013b3e0f HAR = {\n "log": {\n "version": "1.2",\n "creator": {\n "name": "Sample Harchive",\n "version": "0.1",\n "comment": "SERVER_NAME: api.sample.local"\n },\n "entries": [\n\n ]\n }\n}",