D
D
dboon2018-06-19 15:56:33
graylog
dboon, 2018-06-19 15:56:33

How to parse the Graylog2 log correctly?

There is a Graylog server, I receive logs from Untangle via syslog. Nothing, but part of the log comes like this
message
INFO uvm[0]: {"timeStamp":"2018-06-19 15:39:41.092","SClientPort":17324,"SServerPort":443,"SClientAddr":"XXXXXXX","tag":"uvm [0]: ","class":"class com.untangle.uvm.app.SessionNatEvent","SServerAddr":"/XXXXXXX","serverIntf":1,"sessionEvent":{"entitled":true," partitionTablePostfix":"_2018_06_19","hostname":"XXXXXXX","CServerPort":443,"protocol":6,"protocolName":"TCP","tag":"uvm[0]: ","serverLatitude" :55.7522,"localAddr":"/XXXXXXX","class":"class com.untangle.uvm.app.SessionEvent","SServerAddr":"/XXXXXXX","remoteAddr":"/XXXXXXX","serverIntf":1,"CClientAddr":"/XXXXXXX","serverCountry":"RU","sessionId":99933897939645,"SClientAddr":"/XXXXXXX","clientCountry":"XL", "CClientPort":52661,"policyRuleId":0,"timeStamp":"2018-06-19 15:39:41.092","serverLongitude":37.6156,"clientIntf":2,"policyId":1,"SClientPort" :17324,"bypassed":false,"SServerPort":443,"CServerAddr":"/XXXXXXX","tagsString":""},"partitionTablePostfix":"_2018_06_19"}"/XXXXXXX","clientCountry":"XL","CClientPort":52661,"policyRuleId":0,"timeStamp":"2018-06-19 15:39:41.092","serverLongitude":37.6156,"clientIntf ":2,"policyId":1,"SClientPort":17324,"bypassed":false,"SServerPort":443,"CServerAddr":"/XXXXXXX","tagsString":""},"partitionTablePostfix":" _2018_06_19"}"/XXXXXXX","clientCountry":"XL","CClientPort":52661,"policyRuleId":0,"timeStamp":"2018-06-19 15:39:41.092","serverLongitude":37.6156,"clientIntf ":2,"policyId":1,"SClientPort":17324,"bypassed":false,"SServerPort":443,"CServerAddr":"/XXXXXXX","tagsString":""},"partitionTablePostfix":" _2018_06_19"}"/XXXXXXX","tagsString":""},"partitionTablePostfix":"_2018_06_19"}"/XXXXXXX","tagsString":""},"partitionTablePostfix":"_2018_06_19"}
I want to get a readable version, it seems to be done by extrsctor (s)
Here's where to read about it? Tell me where to start

Answer the question

In order to leave comments, you need to log in

Similar questions

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question