From d84dfb34e072afe77c7ef1d93e35096436d22d91 Mon Sep 17 00:00:00 2001
From: Michael Tarleton <michael.tarleton@me.com>
Date: Mon, 13 Jun 2016 18:13:21 -0500
Subject: [PATCH] Installed and configured the logstash-filter-json filter for
 message parsing in JSON out of the box.

---
 logstash/Dockerfile           | 5 ++++-
 logstash/config/logstash.conf | 7 +++++++
 2 files changed, 11 insertions(+), 1 deletion(-)

diff --git a/logstash/Dockerfile b/logstash/Dockerfile
index 5419695..920e1ae 100644
--- a/logstash/Dockerfile
+++ b/logstash/Dockerfile
@@ -1 +1,4 @@
-FROM logstash:latest
\ No newline at end of file
+FROM logstash:latest
+
+# Install plugins
+RUN logstash-plugin install logstash-filter-json
\ No newline at end of file
diff --git a/logstash/config/logstash.conf b/logstash/config/logstash.conf
index 5718b33..72ac623 100644
--- a/logstash/config/logstash.conf
+++ b/logstash/config/logstash.conf
@@ -6,6 +6,13 @@ input {
 
 ## Add your filters here
 
+# Added a default json filter for parsing the "message" field
+filter {
+    json {
+        source => "message"
+    }
+}
+
 output {
 	elasticsearch {
 		hosts => "elasticsearch:9200"