June 8, 2020 at 9:17 pm
Hi everyone!
My company has an implementation of the Elastic tools Winlogbeat and evaluating filebeat to pull in log files from various sources. I'm wondering if there is anyone with experience here working with them to see if it is worth my time investment to see we can make them work for us on the SQL Server side or not.
Since SQL Server 2019 (all versions, really) writes to an error log file on the file system, and not all entries make it to the application event log, the filebeat utility seems to be an option, but without getting a destination platform running and learning all of that, I can't really see what this agent captures.
Winlogbeat -- https://www.elastic.co/downloads/beats/winlogbeat -- configurable to read the "sub"-application event logs, but SQL Server, if it writes anything at all, goes to the "main" application event log, so I don't think this will work.
filebeat -- https://www.elastic.co/guide/en/beats/filebeat/master/filebeat-module-mssql.html -- supposedly can parse out the SQL Server logs, but I can't find really any examples from anyone online that has used it. The formatting of the file location is linux-style, though it seems like it would be windows-capable from seeing the agent installers.
So, SQL Server friends, has anyone ever used either of these utilities to help centralize the logging data for your SQL Servers?
TIA!
June 9, 2020 at 10:10 pm
Thanks for posting your issue and hopefully someone will answer soon.
This is an automated bump to increase visibility of your question.
Viewing 2 posts - 1 through 1 (of 1 total)
You must be logged in to reply to this topic. Login to reply