Answer the question
In order to leave comments, you need to log in
J
J
Jolt2020-10-22 22:59:14
Jolt, 2020-10-22 22:59:14
Why are messages cut line by line in Kibana?
There are several microservices.
Everyone writes logs to ELK through the logging mechanism built into docker, configured in docker-compose like this:
logging:
driver: "syslog"
options:
syslog-address: "upd://192.168...."
tag: "$HOSTNAME {{.ImageName}} {{.Name}} "But in kibana, each message is divided into lines (that is, in each kibana message, the message field is only up to the end of the line, the rest of the lines have to be searched for by different filters).
Where did I do something wrong? :)
2 answer(s)
@Jolt
@mayton2019
S
Saboteur, 2020-10-23 @Jolt
Kibana does not cut or break anything at all.
How you put strings in elastic is how they are stored there.
It is necessary to parse them with something along the way, combine multiline messages and send them to the elastic as a single message. This is what logstesh does, for example. Or you need to see what your built-in logging mechanism can do, maybe there are settings for multistring
M
mayton2019, 2020-10-23 @mayton2019
Make an additional appender that writes in json format and set up kibana for these files. And then the multiline problem will be solved.
Similar questions
D
Denis Balandin2019-12-04 10:18:49
How do I replace the "Add to Cart" button for a specific brand?
2Reply
D
A
I
K
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question