With that input file and this configuration:
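# Test pipeline: read one file, join continuation lines into a single event,
# parse the joined text as JSON and print the result.
input {
  # Plugins must sit inside an input/filter/output section; the file plugin
  # is wrapped in input { } here so the snippet loads as a complete pipeline.
  file {
    path => "/home/user/foo.txt"
    # No read position is persisted, so the whole file is re-read on every
    # start. Useful for testing; in production this re-ingests old lines.
    sincedb_path => "/dev/null"
    start_position => beginning
    codec => multiline {
      # Any line that does NOT start with "Spalanzani" is appended to the
      # previous line, so each event begins at a "Spalanzani" line.
      pattern => "^Spalanzani"
      negate => true
      what => previous
      # Emit the buffered event after 1 second without new lines, otherwise
      # the last event waits for a following line that matches the pattern.
      auto_flush_interval => 1
      # Empty string instead of the default "multiline" tag.
      multiline_tag => ""
    }
  }
}

filter {
  json {
    # No target is set, so parsed keys are written at the top level of the
    # event and can overwrite existing fields. Set `target` when the log
    # content is not trusted.
    source => "message"
    # Applied only when parsing succeeds; on failure the raw message is kept.
    remove_field => [ "message" ]
  }
}

output {
  stdout {
    codec => rubydebug { metadata => false }
  }
}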
I get a single event
{
"log_url" => "http://127.0.0.1/log.txt",
"key" => "22op3dfe",
"raw_msg" => "404.19 – Denied by filtering rule",
"MD5" => "2c5cddf13ab55a1d4eca955dfa32d245",
"syntax" => "text",
"@version" => "1",
"SHA256" => "766be5c99ba674f985ce844add4bc5ec423e90811fbceer5ec84efa3cf1624f4",
"user" => "user",
"URL" => "http://127.0.0.1",
"YaraRule" => [
[0] "no_match"
],
"expire" => "0",
"size" => 107,
"source" => "localhost",
"Msg" => "404 OK",
"filename" => "log.txt",
"@timestamp" => 2020-01-07T13:59:04.000Z
}