好吧,经过四处寻找,我无法找到问题的解决方案,因为它"应该"有效,但显然没有.我正在使用Ubuntu 14.04 LTS机器Logstash 1.4.2-1-2-2c0f5a1,我收到的消息如下:
2014-08-05 10:21:13,618 [17] INFO Class.Type - This is a log message from the class:
BTW, I am also multiline
在输入配置中,我有一个multiline编解码器,并且事件被正确解析.我还将事件文本分成几个部分,以便于阅读.
最后,我在Kibana中看到了类似下面的内容(JSON视图):
{
"_index": "logstash-2014.08.06",
"_type": "customType",
"_id": "PRtj-EiUTZK3HWAm5RiMwA",
"_score": null,
"_source": {
"@timestamp": "2014-08-06T08:51:21.160Z",
"@version": "1",
"tags": [
"multiline"
],
"type": "utg-su",
"host": "ubuntu-14",
"path": "/mnt/folder/thisIsTheLogFile.log",
"logTimestamp": "2014-08-05;10:21:13.618",
"logThreadId": "17",
"logLevel": "INFO",
"logMessage": "Class.Type - This is a log message from the class:\r\n BTW, I am also multiline\r"
},
"sort": [
"21",
1407315081160
] …