I'm currently evaluating the Serilog.Sinks.Elasticsearch
sink for Serilog
in a .NET Core web service.
I successfully managed to pump some log messages through that sink using the following config (through JSON rather than code):
...
"WriteTo": [
{
"Name": "Elasticsearch",
"Args": {
"nodeUris": "http://localhost:9200",
"connectionGlobalHeaders": "Authorization=Basic <base64 encrypted user:pwd here>",
"indexFormat": "serilog-{0:yyyy.MM.dd}"
}
}
],
...
I can see and filter these messages in the Analytics->Discovery page in Kibana. However displaying e.g. just the messages in a readable manner doesn't seem to be possible (or I missed it). The Observability->Logs page would provide that, but I can't see the logs in there. (I can see them there if I do .NET -> file -> filebeat -> elasticsearch, but not with the Elasticsearch sink)
Do I have to configure something in Kibana or the Elasticsearch sink configuration so I can see the log stream?
This was a configuration issue in Kibana. If you go to the Observability->Logs page and click on
Settings
in the top-right area of the page you can configure your sources to either use a singleData View
as used in the Analytics->Discovery page, or acumulate logs of several sources by providing the indexes.In this case,
serilog-*
(compare the JSON config in the question) needed to be added to the indexes which get displayed in that page.