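Logstash Grok filter for MySQL slow query

Time: 2018-11-05 13:54:37

Tags: mysql elasticsearch logstash

I am trying to use grok to filter the MySQL slow query log, and I need to get

  • Database name
  • User
  • IP
  • Query_time
  • Command

Can anyone help me?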

# User@Host: tysa6775_ua_data[tysa6775_ua_data] @ localhost []  Id:   360
# Query_time: 1.627188  Lock_time: 0.000246 Rows_sent: 5566  Rows_examined: 459414
use tysa6775_au_data1;
SET timestamp=1541421036;
select * from table_rating where id_product=1009 order by ngaytao desc;
# User@Host: tysa6775_ua_data[tysa6775_ua_data] @ localhost []  Id:   360
# Query_time: 0.000569  Lock_time: 0.000308 Rows_sent: 0  Rows_examined: 3
SET timestamp=1541421036;
select * from table_hoidap where id_product=1009 order by ngaytao desc;
# User@Host: tysa6775_ua_data[tysa6775_ua_data] @ localhost []  Id:   360
# Query_time: 0.000349  Lock_time: 0.000208 Rows_sent: 0  Rows_examined: 28
SET timestamp=1541421036;
select * from table_product_like where id_product='1009' and ip_nguoilike='5.188.210.8' order by stt,id desc;

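1 answer:

Answer 0: (score: 0)

Since the data you want to access is spread across multiple lines in the log file, you need to use the multiline codec, which will produce a single event from those lines.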
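
The grouping the answer describes, as an added Python example that is not part of the original answer and is not Logstash code: lines are joined into one event per `# User@Host:` header, then a single regular expression over the joined event extracts the database, user, IP, Query_time and command. The regular expression and the function names are assumptions of this example; `SAMPLE` holds the first two entries of the question's log.

```python
import re

# Sample input: the first two entries of the slow log shown in the question.
SAMPLE = """\
# User@Host: tysa6775_ua_data[tysa6775_ua_data] @ localhost []  Id:   360
# Query_time: 1.627188  Lock_time: 0.000246 Rows_sent: 5566  Rows_examined: 459414
use tysa6775_au_data1;
SET timestamp=1541421036;
select * from table_rating where id_product=1009 order by ngaytao desc;
# User@Host: tysa6775_ua_data[tysa6775_ua_data] @ localhost []  Id:   360
# Query_time: 0.000569  Lock_time: 0.000308 Rows_sent: 0  Rows_examined: 3
SET timestamp=1541421036;
select * from table_hoidap where id_product=1009 order by ngaytao desc;
"""

# A new event starts at this header; every other line belongs to the previous event.
EVENT_START = re.compile(r"^# User@Host:")

# Applied to one joined event. The "use <db>;" line and the IP may be absent.
ENTRY = re.compile(
    r"^# User@Host: (?P<user>[^\[\s]+)\[[^\]]*\] @ (?P<host>\S*) \[(?P<ip>[^\]]*)\]"
    r"\s+Id:\s+(?P<id>\d+)\n"
    r"# Query_time: (?P<query_time>[\d.]+)[^\n]*\n"
    r"(?:use (?P<database>[^;\s]+);\n)?"
    r"SET timestamp=(?P<timestamp>\d+);\n"
    r"(?P<query>(?P<command>\w+)\b.*)",
    re.DOTALL,
)

def group_events(lines):
    """Join every line that does not start an entry onto the previous event."""
    event = []
    for line in lines:
        if EVENT_START.match(line) and event:
            yield "\n".join(event)
            event = []
        event.append(line.rstrip("\n"))
    if event:
        yield "\n".join(event)

def parse_slow_log(text):
    """Return one dict per slow-log entry; events that do not parse are skipped."""
    records = []
    for event in group_events(text.splitlines()):
        m = ENTRY.match(event)
        if m:  # server banner lines and truncated entries do not match
            records.append({**m.groupdict(), "query_time": float(m["query_time"]),
                            "ip": m["ip"] or None})
    return records
```

In the question's sample the IP brackets are empty and only the first entry carries a `use` line, so `ip` and `database` come back as `None` where the log does not supply them.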