Database tables in graylog

Hi,

I have output of sql statement in tabular format which stoted in .txt file. I am trying to send these details to graylog from the server where collector is installed but failing. I am able to send apache logs to graylog from same server and i am able to create dashborads as well.

Could you suggest me for any possibilities to send Database data in table format to Graylog.

Thanks

Google search gave me this which lead me to this … Make sure you are referencing the correct version of Elastic… I haven’t done it but these are where I would start my research…

Thanks you your reply.
But i am placing my sql output on apache server where collector was installed. Not sending data directly from my DB server. (PF the snap)

That was me eliminating a step that I know nothing about. :smiley: The answer is in your reply too… it suggests using NXLOG/filebeat, which you could follow on with an extractor…

i am using filebeat to send apache logs. And using same filebeat to send data base table as well to graylog. Still i am not able to send the data.
Any more suggestions please

Post your filebeat client config with all relevant detail (blocking sensitive stuff of course) please use the formatting so it is easier to read…

Posting my input file, filebeat configuration and DB output.

My Output in tabular format like:

Nothing stands out to me - 0did you try debugging it in the foreground as shown here at the bottom of the docs page? (I don’t know what version you are running, you should always put that in your request as well…if it is a different version change it in the lower left side and you will still find the debugging information at the bottom of the doc. Let us know what you see, don’t make us guess!

Please find below debug snap. i couldnt find anything suspicious here. kindly review

image

Finally i am able to send data to graylog dashborad, but the table is appearing as multiple messages. I want to create a graph dashboard with the output of the values. Which i am not able to create with current messages in graylog. Do i need to use grok patterns here.
PFB snap in graylog.

GROK in a pipeline seems the way to go you may need to play with Regex to get it to confirm to your needs.

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.