not parsing properly inside logstash 2 beta 2

[alemairebe]

I was parsing syslog events ; and I got this mapping in version 2 beta 2 ?program <134>2015-10-16T14 ?referrer <134>2015-10-16T14:39:35.033147+02:00 centos6- ?request <134>2015-10-16T1 ?response <13 ?syslog_facility local0 ?syslog_facility_code 16 ?syslog_pri <13 ?syslog_severity informational ?syslog_severity_code 6 ?timestamp <134>2015-10-16T14:39:35.0 ttype syslog ?verb <13 I rolled back to 2 beta 1 and get far better result : ?response 200 ?syslog_facility local0 ?syslog_facility_code 16 ?syslog_pri 134 ?syslog_severity informational ?syslog_severity_code 6 ?timestamp 16/Oct/2015:15:26:16 +0200 ttype syslog ?verb GET

I hope I post it to the right repo, I seems to my related to grok but could be also to logstash. I'm running logstash with 16 filter threads.

[splitice]

This seems related to the bug I opened on logstash's main repository - https://github.com/elastic/logstash/issues/4055

I dont see any commits in this repository that should have caused it. Hmmm.

Mines just one filter thread, a much simpler configuration....

[guyboertje]

This is a JrJackson bug. it is fixed in v 0.3.6 which is in rubygems now. We will release beta 3

[jsvd]

@guyboertje this can be closed, right?