I am sending application logs from Fluentd to Elasticsearch, but I cannot see the "View in context" option for the logs in the Elasticsearch UI. Below is the format of the data sent from Fluentd to Elasticsearch:
{
  "took": 12,
  "timed_out": false,
  "_shards": {
    "total": 1,
    "successful": 1,
    "skipped": 0,
    "failed": 0
  },
  "hits": {
    "total": {
      "value": 1,
      "relation": "eq"
    },
    "max_score": 1,
    "hits": [
      {
        "_index": "xxxxxx",
        "_id": "xxxxxxxxx",
        "_score": 1,
        "_source": {
          "filename": "access.log",
          "hostname": "app",
          "remote": "172.x.x.x",
          "host": "-",
          "user": "-",
          "method": "GET",
          "path": "/status.js",
          "code": "200",
          "size": "17",
          "referer": "-",
          "agent": "kube-probe/1.21",
          "@timestamp": "2023-04-27T07:05:12.000000000+00:00"
        }
      }
    ]
  }
}
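How can I get the "View in context" option in the Elasticsearch UI with data in the above format? Can anyone help me solve this? Thanks in advance.
I tried changing the message field to type text and made sure the timestamp is passed along with the event logs, but the "View in context" option is still not shown.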
The two fields host.name and log.file.path are required to get the "View in context" option in the Kibana UI. So I had to include these two fields in the events sent from Fluentd to Elasticsearch.
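The per-record reshaping the answer describes, as an added example in Ruby (Fluentd's own language); it is not code from the original post or from Fluentd. It assumes the flat `hostname` and `filename` keys shown in the question are the sources for the two fields, and `access_host` is a hypothetical key used to keep the original scalar `host` value.

```ruby
# Added example: give a flat record (shape taken from the question) the
# nested host.name and log.file.path fields named in the answer.

REQUIRED_PATHS = [%w[host name], %w[log file path]].freeze

# Returns the dotted names of required fields that are absent or empty.
def missing_context_fields(record)
  missing = REQUIRED_PATHS.reject do |path|
    value = path.reduce(record) { |node, key| node.is_a?(Hash) ? node[key] : nil }
    value.is_a?(String) && !value.empty?
  end
  missing.map { |path| path.join(".") }
end

# Returns a copy of the record carrying host.name and log.file.path.
def add_context_fields(record)
  out = record.dup
  # In the question's document "host" is a plain string ("-"). A field cannot
  # be both a string and an object in an Elasticsearch mapping, so the scalar
  # is moved to a hypothetical key before host.name is added.
  host = out.delete("host")
  out["access_host"] = host unless host.nil? || host.is_a?(Hash)
  host_obj = host.is_a?(Hash) ? host.dup : {}
  host_obj["name"] ||= out["hostname"]
  host_obj.compact!
  out["host"] = host_obj unless host_obj.empty?
  # Assumption: "filename" is the value wanted in log.file.path.
  out["log"] = { "file" => { "path" => out["filename"] } } if out["filename"]
  out
end

# Constructed sample: the _source object from the question.
SAMPLE = {
  "filename" => "access.log", "hostname" => "app", "remote" => "172.x.x.x",
  "host" => "-", "user" => "-", "method" => "GET", "path" => "/status.js",
  "code" => "200", "size" => "17", "referer" => "-",
  "agent" => "kube-probe/1.21",
  "@timestamp" => "2023-04-27T07:05:12.000000000+00:00"
}.freeze

if __FILE__ == $PROGRAM_NAME
  puts "before: missing #{missing_context_fields(SAMPLE).inspect}"
  fixed = add_context_fields(SAMPLE)
  puts "after:  missing #{missing_context_fields(fixed).inspect}"
end
```

If the target index already maps `host` as a string, documents carrying `host.name` will be rejected until they are written to an index with a compatible mapping.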