On 7/10/20 3:51 PM, Pete Biggs wrote: > On Fri, 2020-07-10 at 16:44 -0400, Jason Edgecombe wrote: >> I don't use ELK at the moment, but is this helpful? >> >> % journalctl -f --output=json >> >> The above command prints the continuous output of the systemd journal in >> json format. >> > Thanks. The problem is getting that into logstash. But it's actually > quite useful anyway as it's another method of monitoring what is > supposed to be logged. > > P. Along this line there is journalbeat. -- Orion Poplawski Manager of NWRA Technical Systems 720-772-5637 NWRA, Boulder/CoRA Office FAX: 303-415-9702 3380 Mitchell Lane orion at nwra.com Boulder, CO 80301 https://www.nwra.com/