I think the biggest issue was that for me it was slightly difficult to understand all the examples, pretty new to rsyslog so allot of information to go trough :). But I think what i had not done was to make a template that included for example this: constant(value="\"@timestamp\":\"") property(name="timereported" dateFormat="rfc3339") This is the config I use now and that looks to work so far: http://pastebin.com/ZC8yVN3f It all shows in Kibana, only thing I cannot resolve still is that it just dumps it all under the field "message" in Kibana, ideally would be if I can get it split on different fields so you can make Dashboards and us the fields. -----Original Message----- From: "Rainer Gerhards"<[email protected]> To: "SjirBagmeijer"<[email protected]>; "rsyslog-users"<[email protected]>; Cc: Sent: 2014-10-08 (Wed) 20:10:53 Subject: Re: [rsyslog] json files directly to ES
2014-10-08 13:06 GMT+02:00 SjirBagmeijer <[email protected]>: I have everything shipped now without issues! What was the problem and how did you fix it? Rainer _______________________________________________ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.
