These fields are added by logstash, or more precisely the gelf-rb
module used to format GELF messages. They are added because they are
required fields according to the GELF 1.0 spec.
Did you probably mean values of that fields, but not fields itself? I have
tried to use Syslog UDP
On 22.08.2014 08:29, ellyas ellyas wrote:
Did you probably mean values of that fields, but not fields itself? I
Both, I guess. Because a field can only be present with a value in it.
(We could argue whether the empty string is a valid value for a GELF
facility, but that does not lead anywhere.
Hi!
Am Freitag, 22. August 2014 11:11:12 UTC+2 schrieb Martin Schütte:
have tried to use Syslog UDP input without logstash, and there are also
these 2 fields facility = unknown and level = Invalid [-1]
(values are different from GELF). Version is gone.
That is another topic; BSD
Hi friends! I have simple system of graylog2, whos collect logs from pair
of esxi hosts and a pair of windows server 2008 hosts. All log parse by
logstash, and it cleans them from some useless fields, like @version. In
the logstash out i have, for example, next:
{
message = 12345,
@timestamp =
