I have configured packetbeat to monitor mysql and redirect that ELK
The issue that i have is that it only detect use query and no other query like selects or inserts updates i don''t understand why.
The port configured is correct and ssl is disable on mysql.
Can you help ?
Sometime in the logs i see stuff like ''mysql":{"unmatched_responses":2141}'', not sure if its related or not
Thanks
Hi Yecine,
Here are a few pointers, let me know if you've already checked all of those:
You'll want to ensure you're running your client or your library by connecting via either 127.0.0.1 or your remote address.packetbeat.interfaces.device: all
packetbeat.interfaces.device: lo0. Check your interface IDs with ifconfig on Posix systems, or ipconfig on Windows.If those don't help, can you give a few more details about your situation?
The "unmatched_responses" error would be expected when Packetbeat sees responses to queries it's unaware of (e.g. MySQL queries sent just before starting Packetbeat). Unless you're trying this on a high traffic server, I wouldn't expect it to reach 2000+ while you're starting up Packetbeat. We may need to dig deeper there.
Hello,
Web and database server are separated.
We have tried to put packet beat on both and i have the same result
We are connecting to the database throught it's ip so it's should be ok on this side.
We are on linuw so we have tried using device any and that didn't change anything
Here are the version of mysql and packetbeat :
mysql Ver 14.14 Distrib 5.5.60
packetbeat 6.4.1
Thanks for you help
@webmat do you have an idea what is happening ?
Thanks
Could you do/answer the following please:
packetbeat devices and post the results hereThis topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.