MySQL Logs are written to multiple lines (multiline). If your log shipper does not know how to convert multiple line logs into single line, then every line will be indexed individually into Elasticsearch. As a result, every line of your log will be considered a separate log. This makes the data unusable.
Rsyslog 7.5.3 is the first version of Rsyslog that can handle multiline logs properly. As a result, we require that you use this version for shipping MySQL logs to Logz.io.
Upgrading to the newest version of Rsyslog depends on your Linux distribution. Below are some links to upgrade instructions based on the distribution:
- General installation instructions: http://www.rsyslog.com/doc/v8-stable/installation/index.html
- Ubuntu: http://www.rsyslog.com/ubuntu-repository/
- RHEL/CentOS: http://www.rsyslog.com/rhelcentos-rpms/
- Debian: http://www.rsyslog.com/debian-repository/
Comments
0 comments
Please sign in to leave a comment.