My project uses Zalando Logbook to log requests and responses in JSON format. I'm introducing JSON logging to the team using logstash-logback-encoder in preparation for ELK log processing.
Is there a way to configure the logstash encoder to not escape the JSON string generated by Logbook?
So far I've come up with this so that Logbook's content appears un-escaped and lives in structure under http. Is there a more elegant way of achieving the same thing? Perhaps there is a Logbook sub-project I'm not aware of that supports structured logging?
<appender name="logbook_console" class="ch.qos.logback.core.ConsoleAppender">
<encoder class="net.logstash.logback.encoder.LoggingEventCompositeJsonEncoder">
<providers>
<timestamp/>
<version/>
<loggerName/>
<threadName/>
<logLevel/>
<stackTrace/>
<tags/>
<mdc/>
<arguments/>
<pattern>
<pattern>
{
"http": "#tryJson{%message}"
}
</pattern>
</pattern>
<context/>
</providers>
</encoder>
</appender>
Here's the desired output.
{
"@timestamp": "2024-03-27T13:46:04.918002526-04:00",
"@version": "1",
"logger_name": "org.zalando.logbook.Logbook",
"thread_name": "reactor-http-epoll-8",
"level": "TRACE",
"http": {
"origin": "local",
"type": "response",
"correlation": "c671f441706b23c6",
"duration": 11,
"protocol": "HTTP/1.1",
"status": 503,
"headers": {
"Cache-Control": [
"no-cache, no-store, max-age=0, must-revalidate"
],
"Content-Length": [
"139"
],
"Content-Type": [
"application/problem+json"
],
"Expires": [
"0"
],
"Pragma": [
"no-cache"
],
"Referrer-Policy": [
"no-referrer"
],
"X-Content-Type-Options": [
"nosniff"
],
"X-Frame-Options": [
"DENY"
],
"X-Request-ID": [
"d759866e-19a9-4a36-84c8-4552eb22b9bc"
],
"X-XSS-Protection": [
"0"
]
},
"body": {
"type": "about:blank",
"title": "Service Unavailable",
"status": 503,
"detail": "API is unavailable",
"instance": "/v1/gateways/ABC/config"
}
}
}