Мне нужно проанализировать многострочный журнал json с исключениями и трассировкой стека с помощью logstash. У меня есть основной журнал asp.net, созданный с помощью NLog в формате json:
{ "timestamp": "2021-01-31T17:18:30.1781670+03:00", "level": "Error", "eventid": "0", "logger": "WebScraper.WebApi.Controllers.ProductWatcherController", "callsite": "ProductWatcherController.CreateProduct", "message": "Internal server error", "exception": "System.Net.Http.HttpRequestException: The connection is not established, because the destination computer rejected the connection request.
---> System.Net.Sockets.SocketException (10061): The connection is not established. the destination computer rejected the connection request.
at System.Net.Http.ConnectHelper.ConnectAsync(String host, Int32 port, CancellationToken cancellationToken)
--- End of inner exception stack trace ---
at System.Net.Http.ConnectHelper.ConnectAsync(String host, Int32 port, CancellationToken cancellationToken)
at System.Net.Http.HttpConnectionPool.ConnectAsync(HttpRequestMessage request, Boolean allowHttp2, CancellationToken cancellationToken)
at System.Net.Http.HttpConnectionPool.CreateHttp11ConnectionAsync(HttpRequestMessage request, CancellationToken cancellationToken)
at System.Net.Http.HttpConnectionPool.GetHttpConnectionAsync(HttpRequestMessage request, CancellationToken cancellationToken)
at System.Net.Http.HttpConnectionPool.SendWithRetryAsync(HttpRequestMessage request, Boolean doRequestAuth, CancellationToken cancellationToken)
at System.Net.Http.RedirectHandler.SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
at System.Net.Http.DiagnosticsHandler.SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
at System.Net.Http.HttpClient.FinishSendAsyncBuffered(Task`1 sendTask, HttpRequestMessage request, CancellationTokenSource cts, Boolean disposeCts)
at WebScraper.Core.Helpers.HangfireSchedulerClient.CreateOrUpdateScheduler(ProductSchedulerDto productSchedulerDto) in D:\C#\WebScraper\WebScraper.Core\Helpers\HangfireSchedulerClient.cs:line 43
at WebScraper.Core.ProductWatcherManager.CreateProduct(String productUrl, Site siteDto, List`1 scheduler, Boolean pushToHangfire) in D:\C#\WebScraper\WebScraper.Core\ProductWatcherManager.cs:line 131
at WebScraper.WebApi.Controllers.ProductWatcherController.CreateProduct(CreateProductDto createProductDto) in D:\C#\WebScraper\WebScraper.WebApi\Controllers\ProductWatcherController.cs:line 202", "url": "https:\/\/localhost\/api\/ProductWatcher\/product", "action": "CreateProduct" }
В настоящее время я тестирую этот logstash.conf
input {
file {
codec => multiline
{
pattern => '^{'
negate => true
what => previous
}
start_position => "beginning"
path => "/usr/data/json-log.txt"
sincedb_path => "/dev/null"
}
}
filter {
mutate {
gsub => [ 'message','\n','']
}
json {
source => "message"
}
}
output {
elasticsearch {
hosts => "elasticsearch:9200"
index => "file-json"
}
stdout {}
}
Помогите сделать правильный конфиг.
multiline, _jsonparsefailure
, и весь json помещается в разделmessage
. В этом разделе json не разбирается. - person Aleksandr Pugach   schedule 03.02.2021