On Fri, 2020-07-10 at 16:44 -0400, Jason Edgecombe wrote: > I don't use ELK at the moment, but is this helpful? > > % journalctl -f --output=json > > The above command prints the continuous output of the systemd journal in > json format. > Thanks. The problem is getting that into logstash. But it's actually quite useful anyway as it's another method of monitoring what is supposed to be logged. P.