When using fluentd to for example ingest log data in specific formats, such as CEF, sometimes the data is sent to Unomaly using different encodings. If that occurs, typically an error message is shown in the logs from fluentd on the Unomaly instance, similar to the example below:
2019-05-03 10:30:47 +0000 [warn]: #0 failed to flush the buffer. retry_time=0 next_retry_seconds=2019-05-03 10:30:48 +0000 chunk="587f93e5f24c87ec54ce037fd671cccd" error_class=Encoding::UndefinedConversionError error="\"\\xE2\" from ASCII-8BIT to UTF-8"
If that happens, make sure to install the fluentd record modifier plugin and add the following snippet to your fluentd config file
Make sure to restart fluentd afterwards
unomaly restart fluentd