sending multiline logs to logstash
Tags:
elasticsearch; logstash
#1
awahlert
Hi,
i have a very basic question.
i have to use nxlog as a logshipper on the (solaris) client side to logstash (elk).
Within this configuration there are some bigger logfiles with multilines to parse (java traces / xml ...).
Should i handle the multiline on the nxlog side or on the logstash receiver side?
thanks in advance
Andreas
#1
awahlert
Hi,
i have a very basic question.
i have to use nxlog as a logshipper on the (solaris) client side to logstash (elk).
Within this configuration there are some bigger logfiles with multilines to parse (java traces / xml ...).
Should i handle the multiline on the nxlog side or on the logstash receiver side?
thanks in advance
Andreas
It should be fairly easy to do that on the agent side, see the Parsing Multi-Line Messages section in the user guide.
