graylog

How to parse the Graylog2 log correctly?

There is a Graylog server, I receive logs from Untangle via syslog. Nothing, but part of the log comes like this
message
INFO uvm[0]: {"timeStamp":"2018-06-19 15:39:41.092","SClientPort":17324,"SServerPort":443,"SClientAddr":"XXXXXXX","tag":"uvm [0]: ","class":"class com.untangle.uvm.app.SessionNatEvent","SServerAddr":"/XXXXXXX","serverIntf":1,"sessionEvent":{"entitled":true," partitionTablePostfix":"_2018_06_19","hostname":"XXXXXXX","CServerPort":443,"protocol":6,"protocolName":"TCP","tag":"uvm[0]: ","serverLatitude" :55.7522,"localAddr":"/XXXXXXX","class":"class com.untangle.uvm.app.SessionEvent","SServerAddr":"/XXXXXXX","remoteAddr":"/XXXXXXX","serverIntf":1,"CClientAddr":"/XXXXXXX","serverCountry":"RU","sessionId":99933897939645,"SClientAddr":"/XXXXXXX","clientCountry":"XL", "CClientPort":52661,"policyRuleId":0,"timeStamp":"2018-06-19 15:39:41.092","serverLongitude":37.6156,"clientIntf":2,"policyId":1,"SClientPort" :17324,"bypassed":false,"SServerPort":443,"CServerAddr":"/XXXXXXX","tagsString":""},"partitionTablePostfix":"_2018_06_19"}"/XXXXXXX","clientCountry":"XL","CClientPort":52661,"policyRuleId":0,"timeStamp":"2018-06-19 15:39:41.092","serverLongitude":37.6156,"clientIntf ":2,"policyId":1,"SClientPort":17324,"bypassed":false,"SServerPort":443,"CServerAddr":"/XXXXXXX","tagsString":""},"partitionTablePostfix":" _2018_06_19"}"/XXXXXXX","clientCountry":"XL","CClientPort":52661,"policyRuleId":0,"timeStamp":"2018-06-19 15:39:41.092","serverLongitude":37.6156,"clientIntf ":2,"policyId":1,"SClientPort":17324,"bypassed":false,"SServerPort":443,"CServerAddr":"/XXXXXXX","tagsString":""},"partitionTablePostfix":" _2018_06_19"}"/XXXXXXX","tagsString":""},"partitionTablePostfix":"_2018_06_19"}"/XXXXXXX","tagsString":""},"partitionTablePostfix":"_2018_06_19"}
I want to get a readable version, it seems to be done by extrsctor (s)
Here's where to read about it? Tell me where to start