jeremyjpj0916
commented
5 years ago Something like:
Is what I had in mind , Where there needs to be a toggle above the table next to messages to enable the JSON format vs table format.
Open jeremyjpj0916 opened 5 years ago
jeremyjpj0916
commented
5 years ago Something like:
Is what I had in mind , Where there needs to be a toggle above the table next to messages to enable the JSON format vs table format.
ivorynoise
commented
2 years ago +1
I am using the gelf HTTP event intake for Structured flat JSON logs.
Table is all right in the UI, but if you have ever seen some tools they display in a pretty print JSON format per event its a very clean feel, format your required fields outside the JSON but all the _CustomFields presented could be presented as pretty print JSON.
This enables as you check more columns on the left hand side to show in display the page stretches top down as opposed to a table which does side to side and makes readability poor.
I imagine in the UI on the search page have a checkbox that say format as JSON which transforms the view from a table with columns as the fields to a JSON structure key value much like how it was originally taken in through the GELF endpoint. Still as a dev you can make it a table of events, but each row of the table becomes the JSON in the center of the column pretty printed and the standard noise required fields like timestamp can get their own column off to the left side, same for short_message etc. could be in the row below the JSON fields.
Anyone can point me to the lines of UI code I need to dig into I could potentially give it a go too :) , I am not generally a front-end guy though. Brand new to graylog and its codebase here.