Trace logs in ES

chunji08 · January 4, 2017, 11:32pm

Hi there,
My current LogStash project is trying to have all the submitted jobs indexed in ES, and if there was a job with some failure, we should return back the immediate cause of the failure. At this moment, I have these 2 questions now if someone can help.

Given a log file, if we know the key message in a log file, sometimes, I may also need to get the before/after lines of that key part. Something as if I was running this unix command "grep -B5 -A5 server.log". So Is there a way we could have the similar mechanism in ES ?
Some of our log file does not give the root cause of failure, but contains the message as " check further details in a different log file ... ". For something like this, what would be the better way to trace the root cause ?

Thanks,
Chun

warkolm · January 5, 2017, 12:11am

Nope.
That's more a user oriented problem.

system · February 2, 2017, 12:11am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Alerting on no log entires Logstash	2	832	February 26, 2020
Logstash not indexing anything Logstash	27	11097	July 6, 2017
Handling failures in ES output plugin Logstash	1	377	November 30, 2018
ES won't start - where can I check logs? Elasticsearch	2	333	August 29, 2019
How to find the number of times a particular log event happened in the ES using query Elasticsearch	1	317	June 27, 2018

Trace logs in ES

Related topics