GELF Decoder
Frank Denis edited this page Sep 23, 2015 · 10 revisions
JSON is a convenient format to store application-specific key/value pairs. Furthermore, values are typed, making it an excellent fit for efficient indexing in a data store such as ArangoDB, Hyperdex, MongoDB or ElasticSearch.
The flip side of JSON's flexibility is that it doesn't encourage applications to follow any conventions, or to log even common properties in a consistent way.
Graylog's GELF specification partially solves this, by adding minimal constraints to JSON-based log entries:
- A value can contain a UTF-8 string, a boolean, a JavaScript number or `null`.
- Messages MUST include a timestamp, whose key is `timestamp`, and whose value is a Unix timestamp.
- Messages MUST include a source host name, in a string value whose key is `host`.
- Messages MAY include a GELF version: `"version":"1.2"`.
- Messages MAY include a short description, in a string value whose key is `short_message`.
- Messages MAY include a long description, in a string value whose key is `full_message`.
- Messages MAY include a severity level, as a number (from 0 to 7, matching syslog-defined levels) whose key is `level`.
- Messages MAY include any number of additional key/value pairs provided that the key starts with an underscore (`_`), so that application-provided properties cannot collide with reserved properties.
Example of a valid GELF message:

```json
{"version":"1.1", "host": "example.org", "short_message": "A short message that helps you identify what is going on", "full_message": "Backtrace here\n\nmore stuff", "timestamp": 1385053862.3072, "level": 1, "_user_id": 9001, "_some_info": "foo", "_some_env_var": "bar"}
```
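A validator for the constraints listed above, useful for rejecting malformed or colliding keys before indexing. This is an added example, not this project's decoder; the name `validate_gelf` and the error strings are assumptions, and `level` is assumed to be an integer.

```python
import json

# Reserved keys and the type each must have, as listed on this page.
# Assumption: "level" is treated as an integer, like syslog severities.
RESERVED = {
    "version": str,
    "host": str,
    "short_message": str,
    "full_message": str,
    "timestamp": (int, float),
    "level": int,
}
REQUIRED = ("timestamp", "host")


def _reject_constant(name):
    # Python's json accepts NaN/Infinity by default; they are not valid JSON numbers.
    raise ValueError(f"non-finite number: {name}")


def validate_gelf(raw):
    """Return a list of violations of the rules above (empty list = valid)."""
    try:
        msg = json.loads(raw, parse_constant=_reject_constant)
    except ValueError as exc:
        return [f"not valid JSON: {exc}"]
    if not isinstance(msg, dict):
        return ["top-level value is not a JSON object"]
    errors = [f"missing required key: {k}" for k in REQUIRED if k not in msg]
    for key, value in msg.items():
        if isinstance(value, (dict, list)):
            errors.append(f"{key}: nested objects and arrays are not allowed")
        elif key in RESERVED:
            # bool is a subclass of int in Python, so exclude it explicitly.
            if isinstance(value, bool) or not isinstance(value, RESERVED[key]):
                errors.append(f"{key}: wrong type {type(value).__name__}")
            elif key == "level" and not 0 <= value <= 7:
                errors.append("level: must be between 0 and 7")
        elif not key.startswith("_"):
            errors.append(f"{key}: additional keys must start with an underscore")
    return errors


# Constructed samples: a shortened form of the page's example, and a message
# that breaks several rules at once.
GOOD = '{"version":"1.1", "host": "example.org", "short_message": "A short message", "timestamp": 1385053862.3072, "level": 1, "_user_id": 9001}'
BAD = '{"host": 42, "level": 9, "user_id": 9001, "_ctx": {"a": 1}}'

if __name__ == "__main__":
    for sample in (GOOD, BAD):
        print(validate_gelf(sample) or "valid")
```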