search

rundeck-plugins / rundeck-logstash-plugin

Pipe all Rundeck log output to a Logstash server
28 stars 18 forks source link

Issues adding additional fields #4

Open mlamutt opened 6 years ago

mlamutt commented 6 years ago

Hi, I am trying to add additional fields to the stream, so we can provide consistent searching in kibana. I tried adding the fields like this:

def data= emeta + [
            line:context.count,
            datetime:event.datetime.time,
            loglevel:event.loglevel.toString(),
            message:event.message,
            eventType:event.eventType,
        environment:"production",
        dataCenter:"DC1",
        logCategory:"devops",
        application:"rundeck",
        logType:"rundeck",
        host:"rundeckdc101",
            fqdn:"rundeckdc101.mgmt.local",
        ]

This sent the new fields to ELK sporadically (it looks like it was based on the event type). What do I need to do change to get these fields sent every time?

I am running 2 instance of rundeck (one linux and one windows), both are running 2.10.1

Any help would be appreciated. thanks

ltamaster commented 6 years ago

Worked for me. I had to refresh the index on ELK.

Did you add it also to the "close" closures?