argus client json format
CS Lee
geek00l at gmail.com
Sun May 4 21:39:39 EDT 2014
hi Carter,
The json format specification can be found here -
http://www.json.org/
And there's example showing the both xml and json format here -
http://json.org/example.html
This data format is very popular now especially for restful system, right
now it is supported by both logstash and fluentd for data interception. I
have seen couple of tools that use libjansson to output the data in json
format
http://www.digip.org/jansson/
I'm interested to know rabins with elasticsearch approach though, are they
using for performance and topN tracking?
Thank you!
On Mon, May 5, 2014 at 5:00 AM, Carter Bullard <carter at qosient.com> wrote:
> Hey CS Lee,
> There are a number of projects doing argus with elasticsearch and kibuna.
> One in particular, Gloriad, which is doing amazing things with this stuff,
> is doing rabins -> X -> elasticsearch, not sure that it is logstash,
> though.
>
> Not going to be able to add anything else right now,
> but what is JSON format ???
>
> Carter
>
> On May 4, 2014, at 5:10 AM, CS Lee <geek00l at gmail.com> wrote:
>
> hi Carter,
>
> Currently I'm tweaking argus to work with logstash+elasticsearch+kibana,
> and I have them working, the way i do is
>
> argus -> ra -c,(CSV) -> logstash -> elasticsearch -> kibana
>
> Right now I have it working properly and argus data is indexed in
> elasticsearch, I would like to ask since argus client supports -M xml, can
> you add the support for json format as well to do -M json, right now I'm
> using logstash filter configuration to handle the data field to be
> interpreted correctly in elasticsearch, however the main problem of using
> comma separated format is the user data(if the user data contains comma it
> breaks), I would like to put suser,duser data into elasticsearch so all of
> them become searchable.
>
> I will put up the documentation of how I get everything to work later if
> anyone is interested.
>
> Cheers!
>
> --
> Best Regards,
>
> CS Lee<geek00L[at]gmail.com>
>
> http://geek00l.blogspot.com
> http://defcraft.net
>
>
--
Best Regards,
CS Lee<geek00L[at]gmail.com>
http://geek00l.blogspot.com
http://defcraft.net
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://pairlist1.pair.net/pipermail/argus/attachments/20140505/0bf406c0/attachment.html>
More information about the argus
mailing list