Log
Details about the event's logging mechanism.
Fields
Field Summary
| Field | Type | Level | Description |
|---|---|---|---|
log.file.path | keyword | Extended | Full path to the log file this event came from. |
log.level | keyword | Core | Log level of the log event. |
log.logger | keyword | Core | Name of the logger. |
log.origin.file.line | long | Extended | The line number of the file which originated the log event. |
log.origin.file.name | keyword | Extended | The code file which originated the log event. |
log.origin.function | keyword | Extended | The function which originated the log event. |
log.syslog | object | Extended | Syslog metadata |
log.syslog.appname | keyword | Extended | The device or application that originated the Syslog message. |
log.syslog.facility.code | long | Extended | Syslog numeric facility of the event. |
log.syslog.facility.name | keyword | Extended | Syslog text-based facility of the event. |
log.syslog.hostname | keyword | Extended | The host that originated the Syslog message. |
log.syslog.msgid | keyword | Extended | An identifier for the type of Syslog message. |
log.syslog.priority | long | Extended | Syslog priority of the event. |
log.syslog.procid | keyword | Extended | The process name or ID that originated the Syslog message. |
log.syslog.severity.code | long | Extended | Syslog numeric severity of the event. |
log.syslog.severity.name | keyword | Extended | Syslog text-based severity of the event. |
log.syslog.structured_data | flattened | Extended | Structured data expressed in RFC 5424 messages. |
log.syslog.version | keyword | Extended | Syslog protocol version. |
Field Details
log.file.path
Type: keyword
Level: Extended
Description: Full path to the log file this event came from.
Example: /var/log/fun-times.log
Indexed: true
log.level
Type: keyword
Level: Core
Description: Log level of the log event.
Example: error
Indexed: true
log.logger
Type: keyword
Level: Core
Description: Name of the logger.
Example: org.elasticsearch.bootstrap.Bootstrap
Indexed: true
log.origin.file.line
Type: long
Level: Extended
Description: The line number of the file which originated the log event.
Example: 42
Indexed: true
log.origin.file.name
Type: keyword
Level: Extended
Description: The code file which originated the log event.
Example: Bootstrap.java
Indexed: true
log.origin.function
Type: keyword
Level: Extended
Description: The function which originated the log event.
Example: init
Indexed: true
log.syslog
Type: object
Level: Extended
Description: Syslog metadata
Indexed: true
log.syslog.appname
Type: keyword
Level: Extended
Description: The device or application that originated the Syslog message.
Example: sshd
Indexed: true
log.syslog.facility.code
Type: long
Level: Extended
Description: Syslog numeric facility of the event.
Example: 23
Indexed: true
log.syslog.facility.name
Type: keyword
Level: Extended
Description: Syslog text-based facility of the event.
Example: local7
Indexed: true
log.syslog.hostname
Type: keyword
Level: Extended
Description: The host that originated the Syslog message.
Example: example-host
Indexed: true
log.syslog.msgid
Type: keyword
Level: Extended
Description: An identifier for the type of Syslog message.
Example: ID47
Indexed: true
log.syslog.priority
Type: long
Level: Extended
Description: Syslog priority of the event.
Example: 135
Indexed: true
log.syslog.procid
Type: keyword
Level: Extended
Description: The process name or ID that originated the Syslog message.
Example: 12345
Indexed: true
log.syslog.severity.code
Type: long
Level: Extended
Description: Syslog numeric severity of the event.
Example: 3
Indexed: true
log.syslog.severity.name
Type: keyword
Level: Extended
Description: Syslog text-based severity of the event.
Example: Error
Indexed: true
log.syslog.structured_data
Type: flattened
Level: Extended
Description: Structured data expressed in RFC 5424 messages.
Indexed: true
log.syslog.version
Type: keyword
Level: Extended
Description: Syslog protocol version.
Example: 1
Indexed: true