Format FluentD log messages
This is what they currently look like:
{
  "_index": "logstash-2017.02.20",
  "_type": "fluentd",
  "_id": "AVpatXa7i_MxxwnT0s-t",
  "_score": null,
  "_source": {
    "container_id": "d0fd85fd23395a764e20f5ac08bcdd6b115ddd9b3d3cfd4987aa42092500943a",
    "container_name": "/matterbridge",
    "source": "stderr",
    "log": "time=\"2017-02-20T08:47:09Z\" level=error msg=\"error:websocket: close 1006 (abnormal closure): unexpected EOF\" module=matterclient ",
    "hostname": "pmon1",
    "@timestamp": "2017-02-20T09:47:09+01:00",
    "@log_name": "app.matterbridge"
  },
  "fields": {
    "@timestamp": [
      1487580429000
    ]
  },
  "highlight": {
    "@log_name": [
      "@kibana-highlighted-field@app.matterbridge@/kibana-highlighted-field@"
    ],
    "@log_name.keyword": [
      "@kibana-highlighted-field@app.matterbridge@/kibana-highlighted-field@"
    ]
  },
  "sort": [
    1487580429000
  ]
}
The _source/log field should be reformatted to get access to the individual fields inside.
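The reformatting asked for above, sketched as an added example that is not part of the original issue or of Fluentd itself: it treats the `log` value as space-separated key=value pairs with optional quoting, as in the sample document. The names `parse_logfmt`, `expand_log` and `log_fields` are hypothetical.

```ruby
require "json"

# Constructed sample: the "_source" object shown above, trimmed to a few fields.
SAMPLE_SOURCE = JSON.parse(<<~'JSON')
  {
    "container_name": "/matterbridge",
    "source": "stderr",
    "log": "time=\"2017-02-20T08:47:09Z\" level=error msg=\"error:websocket: close 1006 (abnormal closure): unexpected EOF\" module=matterclient ",
    "hostname": "pmon1"
  }
JSON

# One pair: key=bare, key="quoted with \" escapes", or a bare key with no value.
PAIR = /([^\s=]+)(?:=(?:"((?:[^"\\]|\\.)*)"|(\S*)))?/

# Parse a key=value line into a Hash. Malformed input never raises:
# an unterminated quote simply degrades into bare tokens.
def parse_logfmt(line)
  line.scan(PAIR).each_with_object({}) do |(key, quoted, bare), out|
    out[key] = if quoted
                 quoted.gsub(/\\(.)/) { $1 } # undo \" and \\ escapes
               elsif bare
                 bare                        # may be "" for "key="
               else
                 true                        # bare key, no "="
               end
  end
end

# Nest the parsed pairs under one key (hypothetical name "log_fields") so that
# text written by the container cannot overwrite collector-set fields such as
# "hostname" or "container_id". The raw "log" string is kept for reference.
def expand_log(record, key: "log", into: "log_fields")
  raw = record[key]
  return record unless raw.is_a?(String)
  record.merge(into => parse_logfmt(raw))
end

puts JSON.pretty_generate(expand_log(SAMPLE_SOURCE)) if __FILE__ == $PROGRAM_NAME
```

With the sample record this yields `log_fields.time`, `log_fields.level`, `log_fields.msg` and `log_fields.module` as separately searchable fields.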