Most performant way to filter for exceptions in log events?

#1

Hi all,

Currently I have an event which may contain exceptions like nullpointerException or javax.ejb.EJBException or my.very.OwnException in one of its fields. The event itself can get quite big because of very long stack traces. It's not decided yet if we will keep the message field when we have split the log line into its fields.

What is the most performant and most resource-saving way to search or filter for these exceptions? Since searching for exceptions is one of the top use cases, it is also OK to change or optimize things at indexing time or to modify analyzers (I am new to analyzers and have not touched them yet).

I need to search for them via Kibana, so I need a solution Kibana is capable of.

Currently it seems to work when I search for *exception. Querying for *exception* gives me errors for 2 shards. I assume this is because the string for the search gets too long if I don't specify a field. When pointing to a specific field in the query (message: *exception*), Kibana comes back with no error.

So I am thankful for all best practices you could offer.
Thanks a lot,
Andreas