[ERROR] _grokparsefailure_sysloginput

Question

[ERROR] _grokparsefailure_sysloginput

Opened this issue 5 years ago · 0 comments

Hey there,

thanks for the plugin. It is working quite fine, but this error message is beeing generated all the time. Can you tell me how i can fix it?

The Logs are sent via Syslog from a Zscaler Nanolog Service. After the progress they are pushed to an elasticsearch database.

{"facility":0,"@timestamp":"2020-03-12T11:42:35.041Z","priority":0,"@Version":"1","facility_label":"kernel","event":{"original":"\n"},"severity_label":"Emergency","logstash":{"host":"192.168.X.X"},"tags":["_grokparsefailure_sysloginput","_dissectfailure"],"severity":0,"observer":{"type":"Web Logs","product":"zscalernss","name":"Zscaler NSS"}}