Menu
I span up an ELK stack today and all is working well, but for some reason Kibana logs it's own messages in JSON format to syslog. For example:
Oct 19 18:49:28 elk-host kibana[11111]: {"type":"response","@timestamp":"2016-10-19T17:49:28+00:00","tags":[],"pid":22749,"method":"post","statusCode":200,"req":{"url":"/elasticsearch/logstash*/_field_stats?level=indices","method":"post","headers":{"host":"1.2.3.4:5601","connection":"keep-alive","content-length":"178","accept":"application/json, text/plain, */*","origin":"http://1.2.3.4:5601","kbn-version":"4.4.2","user-agent":"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/53.0.2785.143 Safari/537.36","content-type":"application/json;charset=UTF-8","referer":"http://1.2.3.4:5601/app/kibana","accept-encoding":"gzip, deflate","accept-language":"en-US,en;q=0.8"},"remoteAddress":"5.6.7.8","userAgent":"5.6.7.8","referer":"http://1.2.3.4:5601/app/kibana"},"res":{"statusCode":200,"responseTime":11,"contentLength":9},"message":"POST /elasticsearch/logstash*/_field_stats?level=indices 200 11ms - 9.0B"}
All other logs are in the normal format
Is this intentional or have I missed a Kibana setting somewhere?
If this is intentional, I'll probably just add a syslog filter to log it properly ... But hoping I wont have to
417
In the Kibana config file (in config/kibana.yml) you can add the following (undocumented) setting:
logging.json: false
and your Kibana logs won't be formatted to JSON anymore.
152
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
