Parsing error Logstash with file as input

Xor44 · November 21, 2020, 2:48pm

Hi Folks ,
I'm new in ELK , i'm trying read and parse a file with logstash. But I get some errors during the parsing process
Here is an example of logs

// date="Nov 21 2020 14:36:00" AED="1.1.1.1" type=group_location pg_id="3000" pg_name="TEST on ASP-LAB1" country="US" bpsPassed="18" bpsDropped="0" ppsPassed="0" ppsDropped="0"
date="Nov 21 2020 14:37:00" AED="1.1.1.1" type=group_location pg_id="3000" pg_name="TEST on ASP-LAB1" country="US" bpsPassed="36" bpsDropped="0" ppsPassed="0" ppsDropped="0"

//
input {
file{
path => "/home/data/aed_ts-*"
start_position => "beginning"
sincedb_path => "NUL"
codec => json }
}
filter {
json {
source => "message"
}
}
output {
elasticsearch {
index => "ed-test-1%{+YYYY.MM.dd}"
hosts => ["https://es01:9200"]
ssl => true
ssl_certificate_verification => false
cacert => "/usr/share/logstash/certs/ca/ca.crt"
manage_template => false
user => "elastic"
password => "${ELASTIC_PASSWORD}"
}
}
//

Badger · November 21, 2020, 3:09pm

Those logs are not JSON, so both the json codec and the json filter will produce errors. Remove the json codec and replace the json filter with a kv filter.

system · December 19, 2020, 3:09pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Error parsing json with Logstash Logstash	15	8951	October 10, 2019
JSON Parsing Error - Logstash Logstash	2	312	January 2, 2020
Parsing json file with logstash Logstash	12	6990	February 11, 2020
Parse json file with logstash Logstash	6	8059	July 9, 2018
Parsing JSON in Logstash - Getting _jsonparsefailure error Logstash	3	1165	February 20, 2019

Parsing error Logstash with file as input

Related topics