Categories
Development JSON

How to get Json in Grok Logstash

So currently I’m building a log system using ELK Stack. Before building this ELK, I already have custom log format for my apps, so that it can be easily read by human. My log is formatted something like this

Method: POST
URL: https://localhost:8888/api
Body: {
   "field1":"value1",
   "field2":[
       {
            "field3":"value2",
            "field4":"value3"
       },
       {
            "field3":"value2",
            "field4":"value3"
       },
    ]
}

using grok pattern, I can get the Method and the URL, but how can I get the full body json in grok / logstash so that i can send them to elasticsearch?
Since the length of the json is not fixed and can be longer or shorter each log

Thank you

Leave a Reply

Your email address will not be published. Required fields are marked *