21 September 2012. Perhaps we grep them looking for errors or warnings, or setup an occasional nagios log regex monitor. 0 provides a safer and more flexible way to deal with tweets with its twitter input. It shows your data side by side in a clear, editable treeview and in a code editor. Log4j 2 JSON Configuration Example By Lokesh Gupta | Filed Under: Log4j2 Apache Log4j 2 is an upgrade to Log4j 1. APPLICATION_JSON which sets the header value to "application/json; charset=UTF-8" and that is not recognized by Logstash and treats the json string as plain text. I'm just saying that if logstash can't do what you want and if the data is already in JSON, it's fairly trivial to do what logstash does. I have been trying to pass logs from a windows application which are already formatted in JSON to logstash via NXlog. It might be just telling you that the field log actually does contain valid json, and no decoding is required. Ingest data from Logstash to Azure Data Explorer. The license is Apache 2. Logstash also has an adapter for Elasticsearch, so these two play very well together. The Basics: What is Logstash and How Does it Work? Logstash is a good (if not the) swiss-army knife for logs. Important Logstash Setting. See the complete profile on LinkedIn and discover John’s connections and jobs at similar companies. crt file will be copied to all of the servers that will send logs to Logstash but we will do that a little later. Python: Using Python, JSON, and Jinja2 to construct a set of Logstash filters Python is a language whose advantages are well documented, and the fact that it has become ubiquitous on most Linux distributions makes it well suited for quick scripting duties. IDS2 uses logstash-forwarder (former lumberjack) to securely forward (SSL encrypted) its eve. { "query": { //Query DSL here } } One may wonder what the query DSL is. json to IIS. To deal with this, the multiline codec can be used. Logstash logs can easily be sent to Loggly over HTTP. This means you can:. Perhaps we grep them looking for errors or warnings, or setup an occasional nagios log regex monitor. Cannot access nested JSON object through filters Description There seems to be no way for me to access a dynamic field through the %{field} notation when I have an object in my logs. It is used to convert multiline logging data. Logstash can currently parse a whole message as a JSON object, but not a single field. 0 provides a safer and more flexible way to deal with tweets with its twitter input. I'm open to other methods as well, I realize you could leave the logger open in ST, but it's hard to keep that up for history (and it crashes a fair bit lately). - Fred the Magic Wonder Dog Oct 10 '14 at 23:53. It supports writing to various outputs in logstash JSON format. The JSON is one single hash with the key "Records" pointing to a hash with the single key "message" containing an array where each element represents one API event. The codec in output must be set to json_lines to ensure that each event is sent separately to QRadar. I am trying to specify the max file size for json-file in docker-compose. This is a plugin for Logstash. conf As mentioned in the block diagram in the JDBC section, the logstash configuration file passes the query to the JDBC driver along with the user credentials. jcrotty Feb 5th, 2015 (edited) 331 Never Not a member of Pastebin yet? # logstash JSON input {"@timestamp":"2015-. yml, like this, log-opt: max-size=50m but when I tried to docker-compose up, it threw me an error, ERROR: In …. Restarting the service is required after any configuration changes. The logstash. Load the data From the command prompt, navigate to the logstash/bin folder and run Logstash with the configuration files you created earlier. Viewed 55k times 29. View John Palmer (SC Cleared)’s profile on LinkedIn, the world's largest professional community. LogStashLogger extends Ruby's Logger class to log directly to Logstash. json to IIS. The OISF development team is proud to announce Suricata 2. The Lograge library formats Rails-style request logs into a structured format, by default JSON, but can also generate Logstash-structured events. So far the file input with json_lines codec is out. The key line here is the mmjsonparse action, adding this action will tell Rsyslog to parse each log line from an input as JSON which makes each field in the message available (or the whole thing available via all-json); by default the module will only parse lines that begin with @cee (this is to do with the deprecated Lumberjack log format. 0, meaning you are pretty much free to use it however you want in whatever way. Created Date: 3/18/2014 11:22:51 PM. Using this logstash. 1" # these settings should match the output of the agent data_type => "list" key => "logstash" # We use the 'json' codec here because we expect to read # json events from redis. Logstash, an open source tool released by Elastic, is designed to ingest and transform data. Various Wikimedia applications send log events to Logstash, which gathers the messages, converts them into JSON documents, and stores them in an Elasticsearch cluster. Python logging handler for Logstash. Let's complete our Logstash configuration. In this tutorial, we will understand the basics of Logstash, its features, and the various components it has. Ruby « How to develop Logstash configuration files. This library is provided to allow standard python logging to output log data as json objects ready to be shipped out to logstash. Extend log4net with. Let’s start by understanding what is a JSON based API. Not ideal because the document is a json object with an array of 1000 events. To do so, you need to add a filter: To do so, you need to add a filter: date { match => [ "timestamp", "ISO8601" ] }. Become a contributor and improve the site yourself. The logstash 10 minute walkthrough should get you started. 1-monolithic. By default, logstash will put your raw log message in the “message” key. Graylog GELF is format for log messages, their stream is de-facto JSON lines. Prerequisites You should have a sound understanding of both ElasticSearch and Neo4j, each data model and APIs to. Athena supports creating tables and querying data from CSV, TSV, custom-delimited, and JSON formats; data from Hadoop-related formats: ORC, Apache Avro and Parquet; logs from Logstash, AWS CloudTrail logs, and Apache WebServer logs. 2, Logstash 1. 有两种方法,第一种方法是生成json后,直接打入logstash的端口。 还有一种是生成json写入文件,让logstash做tail操作的时候,把一行的日志数据直接载入json就可以了。 python下的日志调试用得时logging,改成json也是很好改得。. There are various ways to integrate Neo4j with ElasticSearch, here we will list some approaches and point to solutions that enable you to reuse your existing ES infrastructure with Neo4j. To fix this, we can simple create a filter in Logstash which converts these arrays to hashes recursively, ie, all arrays are converted to hashes, even the nested ones. Important Logstash Setting. A sensitive data disclosure flaw was found in the way Logstash logs malformed URLs. It is fully free and fully open source. Browse, filter and analyze logs in Elasticsearch. This JSON data is passed to a RFC at backend. conf produced a json parse failure in Elasticsearch. JSON Schema validation; Quick Navigation (Ctrl + Shift + O) Document formatting; Hover data descriptions (when provided by active schemas) How to associate schemas. Layouts are logback components responsible for transforming an incoming event into a String. Click to email this to a friend (Opens in new window) Click to print (Opens in new window) Click to share on Facebook (Opens in new window) Click to share on LinkedIn (Opens in new window). Active 1 year, 10 months ago. yaml for all available configuration options. txt & Visualize The logstash commands will populate the logstash-snort3j and logstash-snort3a indexes in elasticsearch. When I indexed it into elasticsearch though I see it created only one event. When you process a field through the json filter it will look for field names and corresponding values. Ask Question Asked 5 years, 5 months ago. Restarting the service is required after any configuration changes. Become a contributor and improve the site yourself. Thanks for your feedback !. Logstash’s TCP interface is very simple, all we need to do is open a TCP socket and send newline-delimited JSON messages. are stripped – they are only a noise in my case. To add and configure filter plugins, refer to Working with Filter Plugins on the Logstash documentation site. Getting started with Logstash. Installation. Log Aggregation with Log4j, Spring, and Logstash. I think LogStash is a little overkill if you just want a central syslog server, however - this is working as expected. It supports writing to various outputs in logstash JSON format. This project has been originally open sourced by exoscale (which is a great hosting service btw), thanks to them. logstash windows nxlog config example Logstash can gather logs from different OS, so I installed nxlog on each Windows machine in my infrastructure. A sensitive data disclosure flaw was found in the way Logstash logs malformed URLs. This avoids having to. Logstash使用JSON字段日期而不是时间戳怎么办? 内容来源于 Stack Overflow,并遵循 CC BY-SA 3. Looking to learn about Logstash as quickly as possible? This Logstash Tutorial is for you: we’ll install Logstash and push some Apache logs to Elasticsearch in less than 5 minutes. 2, Logstash 1. Python: Using Python, JSON, and Jinja2 to construct a set of Logstash filters Python is a language whose advantages are well documented, and the fact that it has become ubiquitous on most Linux distributions makes it well suited for quick scripting duties. Logstash also has an adapter for Elasticsearch, so these two play very well together. A synopsis of the Layout interface is shown below. It is used to convert multiline logging data. Docker Log Management Using Fluentd Mar 17, 2014 · 5 minute read · Comments logging fluentd docker. This JSON data is passed to a RFC at backend. Configuration entries for each entry type have a low to high priority order. The log message should be a stringified JSON object with the log message in the @message field. As its in JSON format, you do not have to worry about writing your own custom grok regex filters. Looking at the available inputs and codecs for Logstash, it seems that we could use redis input to interact with Redis, and json codec as the basis for our data processing. IDS2 uses logstash-forwarder (former lumberjack) to securely forward (SSL encrypted) its eve. The OISF development team is proud to announce Suricata 2. json matches JSON-encoded strings and breaks them up in to individual fields. However nothing stops you from using Logstash as a shipper it will works just as fine and you can even put redis in-between also, the nxlog was a example as it is a fairly easy way to ship logs from a windows machine but there are also other programs you can use as long as it can ship. JSON Editor Online is a web-based tool to view, edit, and format JSON. If you are using rubydebug, debugging must be enabled in the logstash. 1 edition →. I think LogStash is a little overkill if you just want a central syslog server, however - this is working as expected. I am saying nothing about logstash and json files. implicitly coded in). Logstash will besides writing to the Elastic index, also write to gzipped file for backup purposes. Basically it was a system to provide admins of websites with a real-time system for managing info messages, intended to be displayed beneath input fields. Perhaps we grep them looking for errors or warnings, or setup an occasional nagios log regex monitor. Eventually I need to fetch the json through a REST service using something like http_poller but it doesn't seem to work for https (Does http_poller handle https?). A sensitive data disclosure flaw was found in the way Logstash logs malformed URLs. 1 - Updated Apr 30, 2018 - 1. My Logstash input is a json file. If a malformed URL is specified as part of the Logstash configuration, the. Elasticsearch is developed alongside a data collection and log-parsing engine called Logstash, an analytics and visualisation platform called Kibana, and Beats, a collection of lightweight data shippers. Step 1: Syntax check. Supported SerDes and Data Formats. Is there a way to forward the incoming messages to. Edit the logstash. Let’s do it! Let’s assume that you have already elasticsearch 1. One of the best solutions for the management and analysis of logs. yaml) to IDS1, main Logstash/Kibana deployment. Thanks for your feedback !. Unix pipes on steroids. Both the UDP and ZeroMQ inputs need to have format as json_event which is what we send over the wire. conf in the same path as the data set. Edit the path to match the location of the TXT file and save it as logstash_json. These instructions were tested with versions 5. The use case that I am using in this post is a data load from MySQL DB into Elasticsearch using Logstash and visualizing this data using Kibana. Logstash will make it JSON formatted and index to the Elasticsearch database. Install-Package log4net. The second library, Logstash-logger, allows us to hijack Rails existing logging framework and emit much more structured events and then send them directly to Logstash. JSON requires valid UTF-8 strings, but in some cases, software that emits JSON does so in another encoding (nxlog, for example). Supported SerDes and Data Formats. Send Cisco ASA Syslogs to Elasticsearch Using Logstash Blog , ElasticSearch , Information Technology , Kibana , Logstash , Networking , Software This guide is a continuation of this blog post here. It might be just telling you that the field log actually does contain valid json, and no decoding is required. Speaking of searching, logstash comes with a web interface for searching and drilling into all of your logs. This is working as expected. Step 1: Syntax check. I recently coded a WCF REST webservice that needed to be accessed from JavaScript. log formats currently. Logstash works out of the box with structured JSON objects, so it's ideal for Nginx to parse the upstream response's HTTP headers and log the data in a JSON format. For those who don't know, Logstash is a log ingestion service that takes care of parsing, mutating, and cleaning up logs in a structured JSON format before getting them stored in a database — ElasticSearch. I personally would not use Logstash on all servers because it would mean I need to run Java on every server. Logstash JSON Parser. 100 and the TCP listening input is 9563. This instructs Logstash to listen on port 5544 for basic log data, and also on port 5500 for JSON formatted data. Works great with the versions specified, thanks! There are a few changes that break in this setup on the latest release of Logstash, however. The codec in output must be set to json_lines to ensure that each event is sent separately to QRadar. 21 September 2012. logstash is an open source project and installs easily on Linux. json applies to logstash-ids, logstash-firewall, logstash-syslog, logstash-bro, logstash-import, and logstash-beats. These instructions were tested with versions 5. jcrotty Feb 5th, 2015 (edited) 331 Never Not a member of Pastebin yet? # logstash JSON input {"@timestamp":"2015-. John has 34 jobs listed on their profile. ganesh0708,. Installation. Introduction to managing diagnostic traces with NLog. I recently coded a WCF REST webservice that needed to be accessed from JavaScript. Hi, This has probably been raised before but I still can't figure out how to send logs to QRadar through logstash. A working exim configuration would be nice but sadly it cannot be done and the example showed here is flawed. 06/03/2019; 3 minutes to read; In this article. It is used to convert multiline logging data. logstash logstash是一款轻量级的日志搜集处理框架,可以方便的把分散的、多样化的日志. when Array value. # codec => "json" indicates that we expect the lines we're receiving to be in JSON format # type => "rsyslog" is an optional identifier to help identify messaging streams in the pipeline. Graylog GELF is format for log messages, their stream is de-facto JSON lines. key => "logstash" # We use json_event here since the sender is a logstash agent:. To make use of this encoder, we need to add the following dependency to our pom. sudo npm install -g logstash-json-parser. Ruby « How to develop Logstash configuration files. This is working as expected. It’s important to note that if you do not use the date filter, Logstash will automatically set a timestamp based on the input time. Note: If you are also using Kibana as your front end, you will need to add a MimeType of “application/json” for the extension. You can use it to collect logs, parse them, and store them for later use (like, for searching). Logstash by default will treat each line as an event, which is problematic for Java as many Java log entries take up multiple lines. This is a JSON parsing filter. We use the asciidoc format to write. Things i have used to get this cloudtrail to logstash working are mentioned below. json logs (configured in suricata. While parsing raw log files is a fine way for Logstash to ingest data, there are several other methods to ship the same information to Logstash. logstash-template. Re: Karaf logging in JSON format But your bundle needs to contain that package, if it doesn't it's of no help Did you try to embed those classes in your own bundle?. There are various ways to integrate Neo4j with ElasticSearch, here we will list some approaches and point to solutions that enable you to reuse your existing ES infrastructure with Neo4j. logback:logstash-logback-encoder Logback encoder which will output events as Logstash-compatible JSON Latest release 5. 3) Elasticsearch stores the JSON-formatted Snort alerts. Future Plans. ndjson is a similar format that also allows blank lines. And now I can view log in one place in my Kibana interface:. As our docker-compose. " IIS Access Logs. JSON requires valid UTF-8 strings, but in some cases, software that emits JSON does so in another encoding (nxlog, for example). Sende ich einige JSON-Daten von Java-server via TCP zu Logstash (Logstash sendet Sie an Elasticsearch) und diese JSON-Daten zu sein scheint, fliehen Elastisch. logback:logstash-logback-encoder Logback encoder which will output events as Logstash-compatible JSON Latest release 5. Unix pipes on steroids. Use Logstash to load CSV into Elasticsearch Imtiaz Ahmad. Skip to main content Switch to mobile version Added support for the new JSON schema in Logstash 1. Layouts are logback components responsible for transforming an incoming event into a String. Depending on which index you want to increase shards for, you have a few options. Loading Unsubscribe from Imtiaz Ahmad? Beats, and Logstash - Duration: 50:52. json" codec => json interval => 60 } } output{ stdout{codec => ruby_debug} } and it processed the whole file. Json --version 2. The Basics: What is Logstash and How Does it Work? Logstash is a good (if not the) swiss-army knife for logs. As its in JSON format, you do not have to worry about writing your own custom grok regex filters. Sample filebeat. When I have NXLOG send the file to Logstash, I get blasted with errors in the. Using JSON with LogStash. Thanks for your feedback !. The updated article utilizes the latest version of the ELK stack on Centos 7. You can use it to collect logs, parse them, and store them for later use (like, for searching). If a malformed URL is specified as part of the Logstash configuration, the. 11: json_lines. After giving the application some testing, we tend to remove the tracing code in order to improve performance (tracing can take a lot of time). Configuration entries for each entry type have a low to high priority order. json as well) that is also digested by Logstash. Prerequisites You should have a sound understanding of both ElasticSearch and Neo4j, each data model and APIs to. At its core, Logstash is a form of Extract-Transform-Load (ETL) pipeline. To deal with this, the multiline codec can be used. JSON file Also, is there a way to eliminate the need for the index lines in the JSON? The data that I will be entering into Elasticsearch is going to be many thousands of rows and formatting each of them to display the index line will require another application to format each line. As its in JSON format, you do not have to worry about writing your own custom grok regex filters. jcrotty Feb 5th, 2015 (edited) 331 Never Not a member of Pastebin yet? # logstash JSON input {"@timestamp":"2015-. Logstash provides infrastructure to automatically generate documentation for this plugin. Logstash Indexer configuration input { redis { host => "127. Logstash supports JSON Lines via the json_lines codec. Example: Using Logstash filter plugins to process haproxy logs for Honeycomb ingestion. Kafka Input Configuration in Logstash. Logstash config example. Great write-up, very thorough for a general purpose build. This avoids having to. This project has been originally open sourced by exoscale (which is a great hosting service btw), thanks to them. Sachdeva The Logstash Book (2014) by James Turnbull Popular Tags. This is a sample of how to send some information to logstash via the TCP input in nodejs or python. From the docs: "[json_lines] will decode streamed JSON that is newline delimited. It executes a command for a defined interval. 0 and Kibana 4. I'm just saying that if logstash can't do what you want and if the data is already in JSON, it's fairly trivial to do what logstash does. To do so, you need to add a filter: To do so, you need to add a filter: date { match => [ "timestamp", "ISO8601" ] }. ganesh0708,. This post is older than a year. The goal is to have a standalone Powershell script executed from a share or a read-only USB-stick that will process Windows event logs and send them to a remote preconfigured Logstash server on a specific TCP port. { "query": { //Query DSL here } } One may wonder what the query DSL is. JSON is a data format that is gaining popularity and used extensively in many AJAX powered Web sites. Log Aggregation with Log4j, Spring, and Logstash. The Basics: What is Logstash and How Does it Work? Logstash is a good (if not the) swiss-army knife for logs. conf should look something like the sample file. Used: logstash v1. 1-monolithic. 29 Dec 2015. If it helps, I am uploading a config that works in my case, I went and changed structure of all logs for this tho. # This input block will listen on port 10514 for logs to come in. Re: Karaf logging in JSON format But your bundle needs to contain that package, if it doesn't it's of no help Did you try to embed those classes in your own bundle?. Click to email this to a friend (Opens in new window) Click to print (Opens in new window) Click to share on Facebook (Opens in new window) Click to share on LinkedIn (Opens in new window). I'm new to Gateway. It might be just telling you that the field log actually does contain valid json, and no decoding is required. json as well) that is also digested by Logstash. This means you can:. For those who don’t know, Logstash is a log ingestion service that takes care of parsing, mutating, and cleaning up logs in a structured JSON format before getting them stored in a database — ElasticSearch. Kibana is a visual interface for Elasticsearch that works in the browser. Not ideal because the document is a json object with an array of 1000 events. - Fred the Magic Wonder Dog Oct 10 '14 at 23:53. JSON Schema validation; Quick Navigation (Ctrl + Shift + O) Document formatting; Hover data descriptions (when provided by active schemas) How to associate schemas. Question by Anuj Shrivastava | Jan 07 at 05:57 AM qradar how-to json qradarce logstash Hi All, I want to know how to to create a custom log source for logstash forwarded logs in JSON format? my logstash config is as follows. 06/03/2019; 3 minutes to read; In this article. logstash is an open source project and installs easily on Linux. If you need to pass a json object into logstash, you can specify codec json on the input. Getting started with Logstash. when Array value. json - applies to logstash-ossec-* indices beats-template. Important Logstash Setting. 1 Docker version along with Filebeat and. Consider some information might not be accurate anymore. The ${structuredlogging. For example, take the following. The Basics: What is Logstash and How Does it Work? Logstash is a good (if not the) swiss-army knife for logs. Logstash will make it JSON formatted and index to the Elasticsearch database. We need to send the payloads received in Gatway to LOGSTASH. Make a pipeline configuration file to describe what you want to happen to the logs. logstash配置语言基础 使用mutate处理数据 使用grok提取信息 使用logstash内置patterns或自定义patterns同时收集linux系统日志、web日志及项目自定义格式日志. Edit the path to match the location of the TXT file and save it as logstash_json. Logstash Regex Check. json,logstash. logstash is an open source project and installs easily on Linux. If you forward JSON Lines, you can use a single, concise Logstash config for all logs from Transaction Analysis Workbench. Consider some information might not be accurate anymore. When logstash sends data to ElasticSearch it creates one index per day, and in kopf now you should see an index with the current date, with a "document" for each line you entered after running logstash: ElasticSearch can be queried using HTTP requests, and kopf gives a nice way to construct these and see the results which are in JSON format. 0 and Kibana 4. Edit the path to match the location of the TXT file and save it as logstash_json. logstash+grok+json+elasticsearch解析复杂日志数据(一) 还有另外一种思路:使用索引模板. A synopsis of the Layout interface is shown below. Created a PHP script (hosted on Google Cloud Platform) to return a JSON formatted data to the client which will parse the JSON data and render it in a responsive Web Application. There are various ways to integrate Neo4j with ElasticSearch, here we will list some approaches and point to solutions that enable you to reuse your existing ES infrastructure with Neo4j. The json_lines. Logstash Plugin. Click to email this to a friend (Opens in new window) Click to print (Opens in new window) Click to share on Facebook (Opens in new window) Click to share on LinkedIn (Opens in new window). The example below is an Apache access log formatted as a JSON:. Centralised Logging with Logstash and Kibana (and rsyslog, and elasticsearch, LOGSTASH tcp input LOGSTASH Filter → JSON RSYSLOG Filters. license) Logstash is distributed as a jar. Then send to Logstash by SocketAppender. On the LineRate side, we'll build a JSON object with the data we're interested in and use a TCP stream to transmit the data. Send Cisco ASA Syslogs to Elasticsearch Using Logstash Blog , ElasticSearch , Information Technology , Kibana , Logstash , Networking , Software This guide is a continuation of this blog post here. 0, meaning you are pretty much free to use it however you want in whatever way. It might be just telling you that the field log actually does contain valid json, and no decoding is required. jar agent -f logstash-simple. logstash allows with various plugins a quick solution, to convert CSV input to JSON output. Depending on which index you want to increase shards for, you have a few options. Wikimedia uses Kibana as a front-end client to filter and display messages from the Elasticsearch cluster. It is used to handle Json data with newline delimiter. This post is older than a year. license) Logstash is distributed as a jar. Log entries, Maps, are converted to JSON String on the Java side and logged normally with log4j. Schema-less means that you just throw JSON at it and it updates the schema as you go. yml binds the logstash ports to the host (our local machine), we can just use the loopback address here. This is an improvement over writing to a file or syslog since Logstash can receive the structured data directly. When pushing more and more types of events to Logstash, the configuration easily became quite complex and hard to manage. Logstash provides infrastructure to automatically generate documentation for this plugin. txt & bin/logstash -f snort_apps. Logstash will make it JSON formatted and index to the Elasticsearch database. Unix pipes on steroids. Example: Using Logstash filter plugins to process haproxy logs for Honeycomb ingestion. Logstash configs for CSV. Logstash’s TCP interface is very simple, all we need to do is open a TCP socket and send newline-delimited JSON messages. IDS1 has its own logging (eve. On the LineRate side, we'll build a JSON object with the data we're interested in and use a TCP stream to transmit the data. A sensitive data disclosure flaw was found in the way Logstash logs malformed URLs. Logging with Nginx and Lua. codec tells Logstash what kind of data to expect on this input. Active 1 year, 10 months ago. ← Frankenstein JVM with flavour - jlink your own JVM with OpenJDK 11 | posts | The day you start to use rc builds in production - Kafka 2. This is used to convert a single element in Json array to a single Logstash event. I personally would not use Logstash on all servers because it would mean I need to run Java on every server. We use the asciidoc format to write. Kibana is a visual interface for Elasticsearch that works in the browser. Logstash can currently parse a whole message as a JSON object, but not a single field. Logstash supports JSON Lines via the json_lines codec. By default, it will place the parsed JSON in the root (top level) of the Logstash event, but this filter can be configured to place the JSON into any arbitrary event field, using the target configuration. By implementing new structure I am now able to parse everything with a simple filter:. logstash 是用 JRuby 的,但是打包成了 jar 的包,下载即用。 下面这个是在单机上运行 LS: # java -jar logstash-1.