I want to ingest mysql logs(error logs, slow query logs and also a general logs)
Can you like help me what is the most appropriate approach?
Hello @FJT, Could you specify what is the error its throwing?
Also I am assuming you trying this integrations (mysql module).
Thank you
@FJT welcome to the community!
Just to be clear, you do not need logstash....
You can send logs directly from filebeat to elasticsearch. It will be simpler to get started.
You can use the filebeat MySQL module for the MySQL logs and the system module for the system logs
That would be the simplest approach.
Did you look at the file being QuickStart?
And then just set up the MySQL module and the system module.
That would be my suggestion and don't just logstash when you're just learning unless you have a very specific requirement to do so And looking at your logstash configuration. It's not doing anything oth, than pass-through so it's not needed. You're just adding an unneeded layer complexity.
I have solved this already thank you
Absolutely not accurate, You can do all the parsing in elasticsearch with ingest pipelines. but totally ok to use logstash if you want. That is totally valid
SSL / certs .. elasticsearch, filebeat, logstash do not do anything special.. You just need to create the correct certificates and CAs And configure each correctly.
There is nothing special really about it, if you are not familiar with certificates it can take a while to learn.
Curious What version are you on?
It's ok now thank you