Ingest .sqlaudit logs to Elasticsearch

sanju1323 · July 29, 2024, 3:43pm

Hi Team,

We are trying to ingest the mssql logs (.sqlaudit format) using filebeat (Version 7.16.2). But we are not able to read the logs. Can someone let us know what is the best way to pull the mssql logs and ingest in Elasticsearch.

Thanks,
Sanjay Reddy M.

ashishtiwari1993 · August 1, 2024, 7:13am

Hi @sanju1323, The best way is to use Microsoft SQL Server integration.

You need to install Elastic agent. It will read all logs and push to Elasticsearch.

sanju1323 · August 1, 2024, 8:49am

Hi @ashishtiwari1993,

Thanks for your response.
I'm using Elastic 7.16.2 version and I have a dependency on my application.

Can I use the Elastic agent for 7.16.2 version?

Thanks.

Topic		Replies	Views
MS SQL monitoring with Filebeat? Beats filebeat	11	4695	November 17, 2020
Help me I am new to ELK. I want to ingest mysql logs(error logs, slow query logs and also a general logs) Logstash	6	33	October 17, 2024
Ingesting Data using Agent (SQL Input Integration) Elastic Agent	1	244	September 12, 2023
Elastic Agent SQL Integration Beats fleet , elastic-agent , integrations	2	1184	February 9, 2022
Changing winlogbeat from elasticsearch to logstash Beats winlogbeat	3	225	February 10, 2024

Ingest .sqlaudit logs to Elasticsearch

Related Topics