Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
one of my nginx access log report "_jsonparsefailure" after adding to elk? #7779
ELK version: 5.4.1
Here is one piece of my nginx access log:
Here is the info from kibana discover json column:
Is there any string can not be recognize?
I found there many errors in /var/log/logstash/logstash-plain.log:
@jakelandis yes, exactly.
Here is my pipeline config file:
Is there a method to solve this issue, or filter these failures?
I tried to add a condition:
BUT, there still are many errors in the log:
@KeithTt The issue is that the User-Agent field is being populated with '\x__' characters, which is the default encoding for NGINX access logs, and, unfortunately, invalid JSON. If you are using a newer version of NGINX (>=1.11.8), then you can set
I've added a copy of this reply to your forum post and we can follow up with any questions there