Dear All,
We are shipping mariadb (10.3.8 and 5.5.56) logs on Centos 7 to our Gralog server using NxLog as shown below:-
I know the field format of the mariadb log.
[timestamp],[serverhost],[username],[host],[connectionid],
[queryid],[operation],[database],[object],[retcode]
What I want to do is to insert key pairs to the value of fields.
Example
Original
20180710 11:01:21,centos2,root,localhost,3,12,QUERY,customers,‘select * from users’,0
Becomes
timestamp=20180710 11:01:21,hostname=centos2,user=root,connect_id=localhost,query_type=QUERY,database=customers,query=‘select * from users’,ret_code=0
Could I do this using a GROK filter or maybe a pipeline rule, but I found there are no keys in the original message to use the pipeline key value extractor for example. The fields are fixed.
Any help appreciated.
Kind Regards
Jake