Kibana displaying JSON incorrectly

Question

I'm using ELK (Elasticsearch, Logstash, Kibana) for logging purposes. The problem is Kibana doesn't seem to recognize my JSON, because it puts my JSON inside message.

Here's how I run Logstash:

bin/logstash -e 'input { udp { port => 5000 type => json_logger } } output { stdout { } elasticsearch { host => localhost } }'

Here's an example Logstash output for my logs (for debugging purposes I also output logs to stdout):

2014-10-07T10:28:19.104+0000 127.0.0.1 {"user_id":1,"object_id":6,"@timestamp":"2014-10-07T13:28:19.101+03:00","@version":"1","severity":"INFO","host":"sergey-System"}

How do I make Elasticsearch/Kibana/Logstash recognize JSON?

Try bin/logstash -e 'input { udp { port => 5000 type => json_logger codec => json} } output { stdout { } elasticsearch { host => localhost } }'. — Andrei Stefan
Thanks @AndreiStefan ! It worked. Would you mind adding this as an answer? — Sergey

Andrei Stefan Andrei Stefan · Accepted Answer · 2014-10-07T12:11:19

Try bin/logstash -e 'input { udp { port => 5000 type => json_logger codec => json} } output { stdout { } elasticsearch { host => localhost } }'.

Note the codec => json option.

Kibana displaying JSON incorrectly

1 Answers