Why does logstash keep adding event data to the ingested logs?

This page summarizes the projects mentioned and recommended in the original post on /r/elkstack
Docker ElasticSearch Logstash Kibana Elk

InfluxDB
Our great sponsors
  • InfluxDB - Power Real-Time Data Analytics at Scale
  • WorkOS - The modern identity platform for B2B SaaS
  • SaaSHub - Software Alternatives and Reviews
Our great sponsors

  • docker-elk

    The Elastic stack (ELK) powered by Docker and Compose.

    Essentially I've got 2 sets of standard JSON files that I'm trying to ingest into a dockerized ELK stack. The first set was downloaded cloudflare logs, standard line separated JSON data, tried to use Filebeat to ingest and it kept prefixing the JSON data with some dumb ECS event data, basically exactly what this post describes if its easier to see in pics. All of the cloudflare data was nested within the event.original field and would not get mapped. But once I tried to use just logstash directly, it was fine and mapped correctly and no more event data.

  • InfluxDB

    Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts