Using Nlog logger with ECS layout, in kibana the json object appear as a string instead of multiple properties
I'm working on some .Net framework application and i've been asked to send the logs to elasticsearch using kibana as the UI. To have something that is standardized i have to implement ECS (Elastic Common Schema).
Looking at the example we have on ECS github we only have to implement it on the following way:
Instead of sending to console, like we have on the example i send it to elastic search
The output from it, would be a nice Json object...
Maybe it is expected that on kibana we would see something like the following (Kibana - Discover):
Looking at that, probably the Json Object is supposed to be treated as a string and everything goes inside the message property, but that is not what i'm looking for, i want that json to be divided in many properties.
Since i'm new to Elastic stack world, i've tried to create a template inside the Index Management page and the performing there manual mappings like message._metadata.url to not treat some properties as part of the string but without success.
I'm having trouble finding useful information to solve this problem, can anyone give an hint?
UPDATE:
I found the property enableJsonLayout="true"that we can put on the target of Nlog that indeed turns whats on the Json layout as properties on ElasticSearch which is good.
Is this the right way to use ECS? How can i add aditional properties?
When you enable this enableJsonLayout="true" then it means that the configured Layout has to handle everything. For EcsLayout then you can find the documentation here:
https://github.com/elastic/ecs-dotnet/tree/master/src/Elastic.CommonSchema.NLog
EcsLayout will by default include all LogEvent Properties as metadata. See also https://github.com/NLog/NLog/wiki/How-to-use-structured-logging
But you can explicit add extra metadata-items:
<layout xsi:type="EcsLayout">
<metadata name="MyProperty" layout="MyPropertyValue" />
</layout>
- Elasticsearch showing received plaintext http traffic on an https channel in console
- How to make facet search by multiple nested fields in Elasticsearch Java API Client?
- Elasticsearch English stemming not working correctly
- How to take the current week's data (from the beginning of the week) from elasticsearch query irrespective of present week?
- Why does Elasticsearch use 9 GB of memory, with default settings?
- Fetch data from a middle of a big stack using searchAfter(jump to a specific page,)
- The remote server returned an error: (413) Request Entity Too Large. Elasticsearch and JSON
- Elasticsearch lightweight monitors unable to use params
- elasticsearch 2 node cluster: proper setup?
- How many racks should I set in my ElasticSearch cluster
- Split a string in Painless/ELK
- Elastic KNN search num candidates. How are the candidates selected?
- How to change elastic Eck operator setting to create node sets as Kind: Deployment instead of StatefulSet?
- Observability in Laravel Applications
- What is the use case for index closing in ElasticSearch?
- ElasticSearch: Filter by minimal value in nested field
- opensearch-py not accepting connection with AWS signer on async client
- elasticsearch query nested array of objects
- ElasticSearch: Unassigned Shards, how to fix?
- get elasticsearch schema via commandline tool
- What happened to elasticsearch/elasticsearch?
- Elasticsearch:how to change cluster health from yellow to green
- ConnectionError when initializing BM25Assembler in DB-GPT
- Configuring ElasticSearch SSL and Python Querying, Certificates Question
- How different types of indexes are stored in elastic search?
- How to upload a csv to aws opensearch?
- Elasticsearch synonyms for index analyzer
- Could not connect Logstash to Kafka via compose file
- Kafka Elasticsearch Sink Connector: Connection Error
- How to set track_total_hits in Elasticsearch using Laravel Scout?