Create specific log fields to match the message details

(Barry Kaplan) #1

I like how the log messages are encoded for easy human reading. But it would be really nice if all that data could also be put into key/value pairs so they are easily searchable in… elasticsearch :wink:

Its not clear just how hard it will be to build grok expressions to unpack the current messages.

(I think that elastic does not yet support json logging, but we configure it to so by dropping in ‘log4j2-logstash-layout-fatjar’ and swapping the PatternLayout’s to LogstashLayout’s.0

(Simone Scarduzio) #2

Hey @memelet,

I think ReadonlyREST audit logs is what you are looking for.

(Barry Kaplan) #3

Yes, missed that. It’s exactly what I want. Thanks