How to configure ELK to display one string per printstacktrace Exception, that it does not lead to a mixture of streams and corrupted event data (safe threads).
Now stacktrace in Kibana is splitted into multiple lines.
My Logstash conf:
input {
gelf {}
}
output {
elasticsearch {
hosts => ["elasticsearch"]
index => "myApplication-%{+YYYY.MM.dd}"
}
stdout { }
}
The general recommendation is to perform any kind of multiline processing as close to the source as possible. What does you ingest process look like? What collects the data in the first place?
My applications run inside five container dockers and send logs to stdout. GELF driver in the docker redirects these messages to logstash.
I found this article https://github.com/elastic/logstash/issues/4308
This article did not help me.
How can this problem be solved?
Then ideally the gelf driver should handle multi line processing, but I am not familiar with this.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.