Can Loggly parse (derive values from) a JSON array (received using HTTP/S Bulk Endpoint)
I have a Loggly free trial account set up and receiving events
.
The JSON is an array of objects, devliered over a webhooks https POST. Each object is an event (as would seem reasonable for a bulk load interface). Simplified example:
[
{
"msys": {
"track_event": {
"event_id": "319115158633969504",
"friendly_from": "traffic.gen@example.com"
}
}
},
{
"msys": {
"track_event": {
"event_id": "319115158633970211",
"friendly_from": "traffic2.gen@example.com"
}
}
}
]
Can Loggly parse the contents of the JSON and extract values (e.g. event_id)? I've tried using the "Create Derived Fields" dialog, but this seems to be regex/line based rather than having JSON awareness.
Logically, I thought passing a JSON array would work, however after much trial-and-error, I found if you pass multiple, separate JSON objects separated by a newline character, these get parsed as separate events:
curl -H "content-type:application/json" -d $'{"timestamp":"2018-09-02T17:16:15.003123Z", "message":"test1"}\n{"timestamp":"2018-09-02T17:17:15.003123Z", "message":"test2"}' http://logs-01.loggly.com/bulk/<your-token>
A couple of things do bother me with this method (e.g. its not strictly, valid application/json you are passing, despite the content-type, and its not a JSON array), but this may get you over the hump in the problems you are having, but I'm hoping there is a more elegant answer than this.
See the following for more information: Loggly - Bulk Endpoint and Loggly - Automated Parsing
- SQL Server - how to query JSON string which has numeric value as keys
- Why does the ASP.Net MVC model binder bind an empty JSON array to null?
- How to get async call to return response to main thread, using okhttp?
- Backbone insert data inside Model from another
- Blazor requesting a json file
- UnicodeDecodeError: 'utf8' codec can't decode byte 0x80 in position 3131: invalid start byte
- How to parse JSON string in Typescript
- Removing JSON object from JSON file
- Directory import not supported
- Foreach loop in Reviews.io API for Products
- how to pass JSON data though a foreach loop in php
- How to select data and put it on label text coming from HTTP request in Xamarin
- json_encode() throwing an error: "Invalid UTF-8 sequence in argument"
- How can an arbitrary json structure be deserialized with reqwest get in Rust?
- Jmeter JSON Extractor for Value based off another Value in Array
- How to make members with the required keyword (C# 11) be required in JSON schemas generated by json-schema builder?
- How do I automatically fix an invalid JSON string?
- ModuleNotFoundError: No module named 'json'
- JSON schema to enforce array contents
- Oracle JSON Query with hyphen-key
- Converting XML to JSON using Python?
- How can add comments when serialize to JSON
- Accessing JSON's value from app metafield in liquid
- Create json-encoded array from a PDO query result column
- JSON encode the first column of a 2d array
- need to json_encode a PHP array in a particular way
- How to convert FormData (HTML5 object) to JSON
- Organisational Policy Permissions Google Cloud for Microsoft Migration
- Replace NULL with NIL when using JSON or Hash
- Which characters are valid/invalid in a JSON key name?