Graylog not accepting value of array of when sending data to GELF HTTP

Ganeshbabu · October 9, 2019, 7:01pm

Hi All,

I am running graylog 3.1.1 version with GELF HTTP input and I started sending data to gelf port and data is receiving in stream and below is the message form the stream,

The sourceStreams field values is an array but when its storing in elasticsearch its not storina as array instead its storing as string and below is the document from elasticsearch,

      "eventId" : "01DPQVDZRZFWVPZ25CKYZ",
      "timerange_end" : "2019-10-09T08:51:02.984Z",
      "source" : "graylog.asia-south1-c.profound-veld.internal",
      "message" : "IIS_HighVolume_500_ErrorCodes:count()=46.0",
      "priority" : 2,
      **"sourceStreams" : """["5d9b30ae17d4b303c5793f21"]""",**
      "event_definition_type" : "aggregation-v1",
      "event_definition_id" : "5d9b325e17d4b303c579410f",
      "timestamp" : "2019-10-09 17:19:19.100",
      "timerange_start" : "2019-10-09T08:50:02.985Z"

Please let me know your thoughts why this kind of behaviour happening in graylog and correct me if I am doing anything wrong.

Thanks,
Ganeshbabu R

system · October 23, 2019, 7:01pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Array Data Type Supported by Graylog Graylog Central (peer support) pipeline-rules , route-to-streampl	6	1858	July 24, 2019
Logging events with lists in fields Graylog Central (peer support)	2	598	November 21, 2019
Graylog metrics plugin feeding data via GELF to Graylog causing parsing errors Graylog Central (peer support)	3	505	July 31, 2020
Logstash Output to Graylog 3.0 (Can't search message) Graylog Central (peer support)	3	2525	May 24, 2019
Graylog not processing the text/plain logs that i'm sending Graylog Central (peer support)	7	938	December 6, 2019

Graylog not accepting value of array of when sending data to GELF HTTP

Related topics