Hello everyone,
In order to synchronise my MySQL database with Elasticsearch, I set up the following process:
- I enabled the binary log in MySQL so that I can see the individual transactions.
- Then I run Logstash, which reads the transactions from a file. The file that Logstash reads looks like this:
INSERT INTO `mytable` (`field1`, `field2`, `field3`) VALUES (1, 'first value', 'second value')
UPDATE `mytable` SET `field1` = 'first value modified', `field2` = 'second value modified' WHERE `mytable`.`id` = 1
DELETE FROM `mytable` WHERE `mytable`.`id` = 1
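For reference, the MySQL side is just the standard binary log settings. A rough sketch of the relevant part of my.cnf (assuming statement-based logging, which is what you need if you want the raw SQL text rather than row events):

```
# my.cnf (sketch) — statement-based binlog so the SQL text is logged
[mysqld]
log_bin       = mysql-bin
binlog_format = STATEMENT
```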
I use a grok filter to check whether the transaction is an INSERT, UPDATE or DELETE, and after that I try to apply another filter to extract the field names and their values.
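The classification step can be a simple grok pattern that captures the leading keyword into a field (a minimal sketch; the `operation` field name is my own choice, not something standard):

```
filter {
  grok {
    # Capture the SQL verb at the start of the line into "operation"
    match => { "message" => "^(?<operation>INSERT|UPDATE|DELETE)\b" }
  }
}
```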
The problem is that the structure often changes. For example, I could have:
UPDATE `mytable` SET `field1` = 'first value modified', `field2` = 'second value modified' WHERE `mytable`.`id` = 1
UPDATE `mytable` SET `field1` = 'first value modified' WHERE `mytable`.`id` = 1
Here, you can see that the first UPDATE modifies two fields while the second modifies only one.
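One approach I have been considering for the variable number of assignments: instead of writing one grok pattern per possible field count, first isolate the whole SET clause with grok, then let the kv filter split it into key/value pairs, since kv handles any number of pairs. A sketch (field names like `assignments` are my own, and the trim settings assume the backtick/quote style shown above):

```
filter {
  # Pull the table name and the full SET clause out of the UPDATE statement
  grok {
    match => { "message" => "^UPDATE `%{DATA:table}` SET %{DATA:assignments} WHERE " }
  }
  # Split "field1 = 'v1', field2 = 'v2'" into individual fields,
  # however many assignments the statement contains
  kv {
    source      => "assignments"
    field_split => ","
    value_split => "="
    trim_key    => " `"
    trim_value  => " '"
  }
}
```

This avoids the need for a separate grok pattern for every possible statement shape.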
Do you know how I can solve this issue? Do you think this is a good approach, or do you have other suggestions?
Thanks in advance for your help.