Can I monitor SQL server ERRORLOG in ES without using Logstash?

rkpotdar · September 11, 2017, 1:17pm

In my setup, the SQL server resides on a Windows machine and it generates ERRORLOG which records for any errors occurring in SQL server. I'd like these logs to be pushed on to an Ubuntu machine (where I currently run ES and Kibana).
My question being, can I directly consume the ERRORLOG file into ES for monitoring or should I be using Logstash (with grok filter) to read out the ERRORLOG?

The pattern is something like TIMESTAMP<1SPACE>USER<4SPACES>MESSAGE.
Also to note that message is multiline in a few cases.

warkolm · September 12, 2017, 3:04am

You will likely need Logstash if you want to structure your logs.

system · October 10, 2017, 3:04am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Configure Logstash to send MS SQL ErrorLog Logstash	2	1472	November 29, 2018
Logstash vs rivers for reading data from SQL Server Elasticsearch	10	1197	July 6, 2017
Integration of MSSQL Logstash	5	8808	July 6, 2017
Kibana Sql server Kibana	4	343	February 3, 2020
SQL Server Sync with Elasticsearch through Logstash - retransfer does not happens Logstash	2	3825	October 22, 2018

Can I monitor SQL server ERRORLOG in ES without using Logstash?

Related topics