diff --git a/CHANGELOG.next.asciidoc b/CHANGELOG.next.asciidoc index f9625067f1b..d6920062bf1 100644 --- a/CHANGELOG.next.asciidoc +++ b/CHANGELOG.next.asciidoc @@ -236,6 +236,7 @@ https://github.com/elastic/beats/compare/v7.0.0-alpha2...master[Check the HEAD d - Improve ECS categorization field mappings for mssql module. {issue}16171[16171] {pull}17376[17376] - Added access_key_id, secret_access_key and session_token into aws module config. {pull}17456[17456] - Add dashboard for Google Cloud Audit and AWS CloudTrail. {pull}17379[17379] +- Improve ECS categorization field mappings for mysql module. {issue}16172[16172] {pull}XXXXX[XXXXX] *Heartbeat* diff --git a/filebeat/module/mysql/error/ingest/pipeline.json b/filebeat/module/mysql/error/ingest/pipeline.json deleted file mode 100644 index fed1e1389f3..00000000000 --- a/filebeat/module/mysql/error/ingest/pipeline.json +++ /dev/null @@ -1,65 +0,0 @@ -{ - "description": "Pipeline for parsing MySQL error logs", - "processors": [{ - "grok": { - "field": "message", - "patterns": [ - "%{MYSQLDATETIME}%{SPACE}(%{NUMBER:mysql.thread_id:long}%{SPACE})?(\\[%{DATA:log.level}\\]%{SPACE})?%{GREEDYMULTILINE:message}", - "%{GREEDYDATA:message}" - ], - "ignore_missing": true, - "pattern_definitions": { - "LOCALDATETIME": "(?:%{YEAR}-%{MONTHNUM}-%{MONTHDAY}|%{NUMBER})%{SPACE}%{TIME}", - "MYSQLDATETIME": "(?:%{LOCALDATETIME:_tmp.local_timestamp}|%{TIMESTAMP_ISO8601:_tmp.timestamp})", - "GREEDYMULTILINE": "(.|\n)+" - } - } - }, { - "rename": { - "field": "@timestamp", - "target_field": "event.created" - } - }, { - "date": { - "if": "ctx._tmp?.local_timestamp != null && ctx.event?.timezone == null", - "field": "_tmp.local_timestamp", - "formats": [ - "yyMMdd H:m:s", - "yyMMdd H:m:s", - "yyyy-MM-dd H:m:s", - "yyyy-MM-dd H:m:s" - ] - } - }, { - "date": { - "if": "ctx._tmp?.local_timestamp != null && ctx.event?.timezone != null", - "field": "_tmp.local_timestamp", - "timezone": "{{ event.timezone }}", - "formats": [ - "yyMMdd H:m:s", - "yyMMdd H:m:s", - "yyyy-MM-dd H:m:s", - "yyyy-MM-dd H:m:s" - ] - } - }, { - "date": { - "if": "ctx._tmp?.timestamp != null", - "field": "_tmp.timestamp", - "formats": [ - "ISO8601" - ] - } - }, { - "remove":{ - "field": "_tmp", - "ignore_missing": true - } - }], - "on_failure" : [{ - "set" : { - "field" : "error.message", - "value" : "{{ _ingest.on_failure_message }}" - } - }] -} diff --git a/filebeat/module/mysql/error/ingest/pipeline.yml b/filebeat/module/mysql/error/ingest/pipeline.yml new file mode 100644 index 00000000000..b11f280d1ea --- /dev/null +++ b/filebeat/module/mysql/error/ingest/pipeline.yml @@ -0,0 +1,70 @@ +description: Pipeline for parsing MySQL error logs +processors: +- grok: + field: message + patterns: + - '%{MYSQLDATETIME}%{SPACE}(%{NUMBER:mysql.thread_id:long}%{SPACE})?(\[%{DATA:log.level}\]%{SPACE})?%{GREEDYMULTILINE:message}' + - '%{GREEDYDATA:message}' + ignore_missing: true + pattern_definitions: + LOCALDATETIME: (?:%{YEAR}-%{MONTHNUM}-%{MONTHDAY}|%{NUMBER})%{SPACE}%{TIME} + MYSQLDATETIME: (?:%{LOCALDATETIME:_tmp.local_timestamp}|%{TIMESTAMP_ISO8601:_tmp.timestamp}) + GREEDYMULTILINE: |- + (.| + )+ +- grok: + field: message + patterns: + - '(\[%{DATA:event.code}\])%{SPACE}(\[%{DATA:event.provider}\])%{SPACE}%{GREEDYMULTILINE}' + - '%{GREEDYDATA}' + ignore_missing: true + ignore_failure: true + pattern_definitions: + GREEDYMULTILINE: |- + (.| + )+ +- rename: + field: '@timestamp' + target_field: event.created +- date: + if: ctx._tmp?.local_timestamp != null && ctx.event?.timezone == null + field: _tmp.local_timestamp + formats: + - yyMMdd H:m:s + - yyMMdd H:m:s + - yyyy-MM-dd H:m:s + - yyyy-MM-dd H:m:s +- date: + if: ctx._tmp?.local_timestamp != null && ctx.event?.timezone != null + field: _tmp.local_timestamp + timezone: '{{ event.timezone }}' + formats: + - yyMMdd H:m:s + - yyMMdd H:m:s + - yyyy-MM-dd H:m:s + - yyyy-MM-dd H:m:s +- date: + if: ctx._tmp?.timestamp != null + field: _tmp.timestamp + formats: + - ISO8601 +- remove: + field: _tmp + ignore_missing: true +- set: + field: event.kind + value: event +- append: + field: event.category + value: database +- append: + field: event.type + value: info +- append: + field: event.type + value: error + if: "ctx?.log?.level != null && ctx.log.level.toLowerCase() == 'error'" +on_failure: +- set: + field: error.message + value: '{{ _ingest.on_failure_message }}' diff --git a/filebeat/module/mysql/error/manifest.yml b/filebeat/module/mysql/error/manifest.yml index 0376206ffa4..1102c9fb881 100644 --- a/filebeat/module/mysql/error/manifest.yml +++ b/filebeat/module/mysql/error/manifest.yml @@ -10,5 +10,5 @@ var: os.windows: - "c:/programdata/MySQL/MySQL Server*/error.log*" -ingest_pipeline: ingest/pipeline.json +ingest_pipeline: ingest/pipeline.yml input: config/error.yml diff --git a/filebeat/module/mysql/error/test/error.log-expected.json b/filebeat/module/mysql/error/test/error.log-expected.json index 3b6c8a0940f..0f5fad01955 100644 --- a/filebeat/module/mysql/error/test/error.log-expected.json +++ b/filebeat/module/mysql/error/test/error.log-expected.json @@ -1,9 +1,16 @@ [ { "@timestamp": "2016-12-09T13:08:33.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.offset": 0, @@ -12,9 +19,16 @@ }, { "@timestamp": "2016-12-09T12:08:33.335Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Warning", @@ -25,9 +39,16 @@ }, { "@timestamp": "2016-12-09T12:08:33.335Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Warning", @@ -38,9 +59,16 @@ }, { "@timestamp": "2016-12-09T12:08:33.336Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -51,9 +79,16 @@ }, { "@timestamp": "2016-12-09T12:08:33.345Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Warning", @@ -64,9 +99,16 @@ }, { "@timestamp": "2016-12-09T12:08:33.351Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -77,9 +119,16 @@ }, { "@timestamp": "2016-12-09T12:08:33.784Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.flags": [ @@ -93,9 +142,16 @@ }, { "@timestamp": "2016-12-09T22:21:02.443Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -106,9 +162,16 @@ }, { "@timestamp": "2016-12-09T14:18:50.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Warning", @@ -118,9 +181,16 @@ }, { "@timestamp": "2016-12-09T14:18:50.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -130,9 +200,16 @@ }, { "@timestamp": "2016-12-09T14:18:50.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.offset": 1422, diff --git a/filebeat/module/mysql/error/test/mariadb-10.4.8.log-expected.json b/filebeat/module/mysql/error/test/mariadb-10.4.8.log-expected.json index 9722b9cf1aa..9027223418b 100644 --- a/filebeat/module/mysql/error/test/mariadb-10.4.8.log-expected.json +++ b/filebeat/module/mysql/error/test/mariadb-10.4.8.log-expected.json @@ -1,9 +1,16 @@ [ { "@timestamp": "2019-10-15T09:46:45.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.offset": 0, @@ -13,9 +20,16 @@ }, { "@timestamp": "2019-10-16T17:24:15.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -26,9 +40,16 @@ }, { "@timestamp": "2019-10-16T17:24:15.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -39,9 +60,16 @@ }, { "@timestamp": "2019-10-16T17:24:15.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -52,9 +80,16 @@ }, { "@timestamp": "2019-10-16T17:24:15.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -65,9 +100,16 @@ }, { "@timestamp": "2019-10-16T17:24:15.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -78,9 +120,16 @@ }, { "@timestamp": "2019-10-16T17:24:15.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -91,9 +140,16 @@ }, { "@timestamp": "2019-10-16T17:24:15.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -104,9 +160,16 @@ }, { "@timestamp": "2019-10-16T17:24:15.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -117,9 +180,16 @@ }, { "@timestamp": "2019-10-16T17:24:15.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -130,9 +200,16 @@ }, { "@timestamp": "2019-10-16T17:24:15.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -143,9 +220,16 @@ }, { "@timestamp": "2019-10-16T17:24:15.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -156,9 +240,16 @@ }, { "@timestamp": "2019-10-16T17:24:15.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -169,9 +260,16 @@ }, { "@timestamp": "2019-10-16T17:24:15.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -182,9 +280,16 @@ }, { "@timestamp": "2019-10-16T17:24:15.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -195,9 +300,16 @@ }, { "@timestamp": "2019-10-16T17:24:15.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -208,9 +320,16 @@ }, { "@timestamp": "2019-10-16T17:24:15.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -221,9 +340,16 @@ }, { "@timestamp": "2019-10-16T17:24:15.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -234,9 +360,16 @@ }, { "@timestamp": "2019-10-16T17:24:15.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -247,9 +380,16 @@ }, { "@timestamp": "2019-10-16T17:24:15.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -260,9 +400,16 @@ }, { "@timestamp": "2019-10-16T17:24:15.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -273,9 +420,16 @@ }, { "@timestamp": "2019-10-16T17:24:15.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -286,9 +440,16 @@ }, { "@timestamp": "2019-10-16T17:24:15.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.flags": [ @@ -302,9 +463,16 @@ }, { "@timestamp": "2019-10-16T17:25:43.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -315,9 +483,16 @@ }, { "@timestamp": "2019-10-16T17:25:43.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -328,9 +503,16 @@ }, { "@timestamp": "2019-10-16T17:25:43.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -341,9 +523,17 @@ }, { "@timestamp": "2019-10-16T17:25:43.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info", + "error" + ], "fileset.name": "error", "input.type": "log", "log.level": "ERROR", @@ -354,9 +544,16 @@ }, { "@timestamp": "2019-10-16T17:25:43.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.flags": [ diff --git a/filebeat/module/mysql/error/test/mysql-darwin-brew-5.7.10.log-expected.json b/filebeat/module/mysql/error/test/mysql-darwin-brew-5.7.10.log-expected.json index 1bec003f6f0..3d64d000faa 100644 --- a/filebeat/module/mysql/error/test/mysql-darwin-brew-5.7.10.log-expected.json +++ b/filebeat/module/mysql/error/test/mysql-darwin-brew-5.7.10.log-expected.json @@ -1,9 +1,16 @@ [ { "@timestamp": "2016-12-09T13:08:33.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.offset": 0, @@ -12,9 +19,16 @@ }, { "@timestamp": "2016-12-09T12:08:33.335Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Warning", @@ -25,9 +39,16 @@ }, { "@timestamp": "2016-12-09T12:08:33.335Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Warning", @@ -38,9 +59,16 @@ }, { "@timestamp": "2016-12-09T12:08:33.336Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -51,9 +79,16 @@ }, { "@timestamp": "2016-12-09T12:08:33.345Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Warning", @@ -64,9 +99,16 @@ }, { "@timestamp": "2016-12-09T12:08:33.351Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -77,9 +119,16 @@ }, { "@timestamp": "2016-12-09T12:08:33.351Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -90,9 +139,16 @@ }, { "@timestamp": "2016-12-09T12:08:33.351Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -103,9 +159,16 @@ }, { "@timestamp": "2016-12-09T12:08:33.351Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -116,9 +179,16 @@ }, { "@timestamp": "2016-12-09T12:08:33.352Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -129,9 +199,16 @@ }, { "@timestamp": "2016-12-09T12:08:33.354Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -142,9 +219,16 @@ }, { "@timestamp": "2016-12-09T12:08:33.366Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -155,9 +239,16 @@ }, { "@timestamp": "2016-12-09T12:08:33.379Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -168,9 +259,16 @@ }, { "@timestamp": "2016-12-09T12:08:33.401Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -181,9 +279,16 @@ }, { "@timestamp": "2016-12-09T12:08:33.402Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -194,9 +299,16 @@ }, { "@timestamp": "2016-12-09T12:08:33.402Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -207,9 +319,16 @@ }, { "@timestamp": "2016-12-09T12:08:33.402Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -220,9 +339,16 @@ }, { "@timestamp": "2016-12-09T12:08:33.402Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -233,9 +359,16 @@ }, { "@timestamp": "2016-12-09T12:08:33.402Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -246,9 +379,16 @@ }, { "@timestamp": "2016-12-09T12:08:33.549Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -259,9 +399,16 @@ }, { "@timestamp": "2016-12-09T12:08:33.549Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -272,9 +419,16 @@ }, { "@timestamp": "2016-12-09T12:08:33.549Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -285,9 +439,16 @@ }, { "@timestamp": "2016-12-09T12:08:33.585Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -298,9 +459,16 @@ }, { "@timestamp": "2016-12-09T12:08:33.588Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -311,9 +479,16 @@ }, { "@timestamp": "2016-12-09T12:08:33.588Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -324,9 +499,16 @@ }, { "@timestamp": "2016-12-09T12:08:33.588Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -337,9 +519,16 @@ }, { "@timestamp": "2016-12-09T12:08:33.641Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -350,9 +539,16 @@ }, { "@timestamp": "2016-12-09T12:08:33.642Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -363,9 +559,16 @@ }, { "@timestamp": "2016-12-09T12:08:33.642Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -376,9 +579,16 @@ }, { "@timestamp": "2016-12-09T12:08:33.643Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -389,9 +599,16 @@ }, { "@timestamp": "2016-12-09T12:08:33.652Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -402,9 +619,16 @@ }, { "@timestamp": "2016-12-09T12:08:33.662Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -415,9 +639,16 @@ }, { "@timestamp": "2016-12-09T12:08:33.662Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -428,9 +659,16 @@ }, { "@timestamp": "2016-12-09T12:08:33.665Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Warning", @@ -441,9 +679,16 @@ }, { "@timestamp": "2016-12-09T12:08:33.665Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -454,9 +699,16 @@ }, { "@timestamp": "2016-12-09T12:08:33.698Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -467,9 +719,16 @@ }, { "@timestamp": "2016-12-09T12:08:33.699Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -480,9 +739,16 @@ }, { "@timestamp": "2016-12-09T12:08:33.699Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -493,9 +759,16 @@ }, { "@timestamp": "2016-12-09T12:08:33.699Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -506,9 +779,16 @@ }, { "@timestamp": "2016-12-09T12:08:33.784Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -519,9 +799,16 @@ }, { "@timestamp": "2016-12-09T12:08:33.784Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.flags": [ @@ -535,9 +822,16 @@ }, { "@timestamp": "2016-12-09T22:21:02.443Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -548,9 +842,16 @@ }, { "@timestamp": "2016-12-09T22:36:49.017Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -561,9 +862,16 @@ }, { "@timestamp": "2016-12-09T23:37:34.021Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -574,9 +882,16 @@ }, { "@timestamp": "2016-12-10T00:17:54.198Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -587,9 +902,16 @@ }, { "@timestamp": "2016-12-10T01:18:38.017Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -600,9 +922,16 @@ }, { "@timestamp": "2016-12-10T01:39:00.017Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -613,9 +942,16 @@ }, { "@timestamp": "2016-12-10T02:39:45.021Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -626,9 +962,16 @@ }, { "@timestamp": "2016-12-10T02:49:08.015Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -639,9 +982,16 @@ }, { "@timestamp": "2016-12-10T03:24:15.016Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -652,9 +1002,16 @@ }, { "@timestamp": "2016-12-10T04:25:00.016Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -665,9 +1022,16 @@ }, { "@timestamp": "2016-12-10T04:34:24.021Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -678,9 +1042,16 @@ }, { "@timestamp": "2016-12-10T04:39:18.022Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -691,9 +1062,16 @@ }, { "@timestamp": "2016-12-10T05:40:03.016Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -704,9 +1082,16 @@ }, { "@timestamp": "2016-12-10T06:40:48.025Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -717,9 +1102,16 @@ }, { "@timestamp": "2016-12-10T06:45:55.018Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -730,9 +1122,16 @@ }, { "@timestamp": "2016-12-10T07:46:40.016Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -743,9 +1142,16 @@ }, { "@timestamp": "2016-12-10T07:56:04.016Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -756,9 +1162,16 @@ }, { "@timestamp": "2016-12-10T08:56:49.390Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -769,9 +1182,16 @@ }, { "@timestamp": "2016-12-10T09:06:11.019Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -782,9 +1202,16 @@ }, { "@timestamp": "2016-12-10T10:06:56.015Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -795,9 +1222,16 @@ }, { "@timestamp": "2016-12-10T10:16:18.022Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -808,9 +1242,16 @@ }, { "@timestamp": "2016-12-10T11:17:02.165Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -821,9 +1262,16 @@ }, { "@timestamp": "2016-12-10T11:30:44.018Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -834,9 +1282,16 @@ }, { "@timestamp": "2016-12-10T12:03:24.017Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -847,9 +1302,16 @@ }, { "@timestamp": "2016-12-10T12:06:40.015Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -860,9 +1322,16 @@ }, { "@timestamp": "2016-12-10T12:24:37.025Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -873,9 +1342,16 @@ }, { "@timestamp": "2016-12-10T13:25:22.017Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -886,9 +1362,16 @@ }, { "@timestamp": "2016-12-10T13:39:05.016Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -899,9 +1382,16 @@ }, { "@timestamp": "2016-12-10T14:39:50.178Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -912,9 +1402,16 @@ }, { "@timestamp": "2016-12-10T14:49:14.023Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -925,9 +1422,16 @@ }, { "@timestamp": "2016-12-10T15:49:59.022Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -938,9 +1442,16 @@ }, { "@timestamp": "2016-12-10T15:59:23.014Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -951,9 +1462,16 @@ }, { "@timestamp": "2016-12-10T17:00:08.019Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -964,9 +1482,16 @@ }, { "@timestamp": "2016-12-10T17:09:30.026Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -977,9 +1502,16 @@ }, { "@timestamp": "2016-12-10T17:48:20.017Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -990,9 +1522,16 @@ }, { "@timestamp": "2016-12-10T18:00:05.183Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -1003,9 +1542,16 @@ }, { "@timestamp": "2016-12-10T18:54:13.016Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -1016,9 +1562,16 @@ }, { "@timestamp": "2016-12-10T20:13:03.016Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -1029,9 +1582,16 @@ }, { "@timestamp": "2016-12-10T20:50:11.201Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -1042,9 +1602,16 @@ }, { "@timestamp": "2016-12-10T20:53:54.016Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -1055,9 +1622,16 @@ }, { "@timestamp": "2016-12-10T21:03:18.023Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -1068,9 +1642,16 @@ }, { "@timestamp": "2016-12-10T22:04:03.021Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -1081,9 +1662,16 @@ }, { "@timestamp": "2016-12-10T22:13:57.015Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -1094,9 +1682,16 @@ }, { "@timestamp": "2016-12-10T22:49:59.020Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -1107,9 +1702,16 @@ }, { "@timestamp": "2016-12-10T23:12:12.023Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -1120,9 +1722,16 @@ }, { "@timestamp": "2016-12-11T00:12:57.015Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -1133,9 +1742,16 @@ }, { "@timestamp": "2016-12-11T00:26:41.053Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -1146,9 +1762,16 @@ }, { "@timestamp": "2016-12-11T00:47:44.015Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -1159,9 +1782,16 @@ }, { "@timestamp": "2016-12-11T00:49:50.017Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -1172,9 +1802,16 @@ }, { "@timestamp": "2016-12-11T01:20:40.031Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -1185,9 +1822,16 @@ }, { "@timestamp": "2016-12-11T02:21:24.021Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -1198,9 +1842,16 @@ }, { "@timestamp": "2016-12-11T02:26:30.015Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -1211,9 +1862,16 @@ }, { "@timestamp": "2016-12-11T03:18:55.018Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -1224,9 +1882,16 @@ }, { "@timestamp": "2016-12-11T04:15:14.022Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -1237,9 +1902,16 @@ }, { "@timestamp": "2016-12-11T04:20:52.016Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -1250,9 +1922,16 @@ }, { "@timestamp": "2016-12-11T04:25:56.035Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -1263,9 +1942,16 @@ }, { "@timestamp": "2016-12-11T05:26:41.020Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -1276,9 +1962,16 @@ }, { "@timestamp": "2016-12-11T05:36:05.024Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -1289,9 +1982,16 @@ }, { "@timestamp": "2016-12-11T06:36:50.017Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", diff --git a/filebeat/module/mysql/error/test/mysql-ubuntu-5.5.53.log-expected.json b/filebeat/module/mysql/error/test/mysql-ubuntu-5.5.53.log-expected.json index a02eb5f7c9f..f24d8d9fe61 100644 --- a/filebeat/module/mysql/error/test/mysql-ubuntu-5.5.53.log-expected.json +++ b/filebeat/module/mysql/error/test/mysql-ubuntu-5.5.53.log-expected.json @@ -1,9 +1,16 @@ [ { "@timestamp": "2016-12-09T14:18:50.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Warning", @@ -13,9 +20,16 @@ }, { "@timestamp": "2016-12-09T14:18:50.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -25,9 +39,16 @@ }, { "@timestamp": "2016-12-09T14:18:50.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.offset": 246, @@ -36,9 +57,16 @@ }, { "@timestamp": "2016-12-09T14:18:50.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.offset": 305, @@ -47,9 +75,16 @@ }, { "@timestamp": "2016-12-09T14:18:50.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.offset": 374, @@ -58,9 +93,16 @@ }, { "@timestamp": "2016-12-09T14:18:50.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.offset": 433, @@ -69,9 +111,16 @@ }, { "@timestamp": "2016-12-09T14:18:50.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.flags": [ @@ -83,9 +132,16 @@ }, { "@timestamp": "2016-12-09T14:18:50.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.flags": [ @@ -97,9 +153,16 @@ }, { "@timestamp": "2016-12-09T14:18:50.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.flags": [ @@ -111,9 +174,16 @@ }, { "@timestamp": "2016-12-09T14:18:50.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.flags": [ @@ -125,9 +195,16 @@ }, { "@timestamp": "2016-12-09T14:18:50.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.offset": 1397, @@ -136,9 +213,16 @@ }, { "@timestamp": "2016-12-09T14:18:51.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.offset": 1466, @@ -147,9 +231,16 @@ }, { "@timestamp": "2016-12-09T14:18:51.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.offset": 1528, @@ -158,9 +249,16 @@ }, { "@timestamp": "2016-12-09T14:18:52.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.offset": 1574, @@ -169,9 +267,16 @@ }, { "@timestamp": "2016-12-09T14:18:52.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Warning", @@ -181,9 +286,16 @@ }, { "@timestamp": "2016-12-09T14:18:52.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -193,9 +305,16 @@ }, { "@timestamp": "2016-12-09T14:18:52.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.offset": 1893, @@ -204,9 +323,16 @@ }, { "@timestamp": "2016-12-09T14:18:52.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.offset": 1952, @@ -215,9 +341,16 @@ }, { "@timestamp": "2016-12-09T14:18:52.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.offset": 2021, @@ -226,9 +359,16 @@ }, { "@timestamp": "2016-12-09T14:18:52.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.offset": 2080, @@ -237,9 +377,16 @@ }, { "@timestamp": "2016-12-09T14:18:52.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.offset": 2144, @@ -248,9 +395,16 @@ }, { "@timestamp": "2016-12-09T14:18:52.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.offset": 2208, @@ -259,9 +413,16 @@ }, { "@timestamp": "2016-12-09T14:18:52.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.offset": 2276, @@ -270,9 +431,16 @@ }, { "@timestamp": "2016-12-09T14:18:53.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.flags": [ @@ -284,9 +452,17 @@ }, { "@timestamp": "2016-12-09T14:18:53.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info", + "error" + ], "fileset.name": "error", "input.type": "log", "log.flags": [ @@ -299,9 +475,16 @@ }, { "@timestamp": "2016-12-09T14:18:53.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.offset": 2687, @@ -310,9 +493,16 @@ }, { "@timestamp": "2016-12-09T14:18:53.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.offset": 2733, @@ -321,9 +511,16 @@ }, { "@timestamp": "2016-12-09T14:18:53.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.flags": [ @@ -336,9 +533,16 @@ }, { "@timestamp": "2016-12-09T14:18:53.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Warning", @@ -348,9 +552,16 @@ }, { "@timestamp": "2016-12-09T14:18:53.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -360,9 +571,16 @@ }, { "@timestamp": "2016-12-09T14:18:53.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.offset": 3112, @@ -371,9 +589,16 @@ }, { "@timestamp": "2016-12-09T14:18:53.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.offset": 3171, @@ -382,9 +607,16 @@ }, { "@timestamp": "2016-12-09T14:18:53.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.offset": 3240, @@ -393,9 +625,16 @@ }, { "@timestamp": "2016-12-09T14:18:53.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.offset": 3299, @@ -404,9 +643,16 @@ }, { "@timestamp": "2016-12-09T14:18:53.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.offset": 3363, @@ -415,9 +661,16 @@ }, { "@timestamp": "2016-12-09T14:18:53.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.offset": 3427, @@ -426,9 +679,16 @@ }, { "@timestamp": "2016-12-09T14:18:53.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.offset": 3495, @@ -437,9 +697,16 @@ }, { "@timestamp": "2016-12-09T14:18:54.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.offset": 3564, @@ -448,9 +715,16 @@ }, { "@timestamp": "2016-12-09T14:18:54.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.offset": 3632, @@ -459,9 +733,17 @@ }, { "@timestamp": "2016-12-09T14:18:56.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info", + "error" + ], "fileset.name": "error", "input.type": "log", "log.flags": [ @@ -474,9 +756,16 @@ }, { "@timestamp": "2016-12-09T14:18:56.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.offset": 3712, @@ -485,9 +774,16 @@ }, { "@timestamp": "2016-12-09T14:18:56.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.offset": 3758, @@ -496,9 +792,16 @@ }, { "@timestamp": "2016-12-09T14:18:56.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.flags": [ @@ -511,9 +814,16 @@ }, { "@timestamp": "2016-12-09T14:18:56.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Warning", @@ -523,9 +833,16 @@ }, { "@timestamp": "2016-12-09T14:18:56.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -535,9 +852,16 @@ }, { "@timestamp": "2016-12-09T14:18:56.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.offset": 4137, @@ -546,9 +870,16 @@ }, { "@timestamp": "2016-12-09T14:18:56.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.offset": 4196, @@ -557,9 +888,16 @@ }, { "@timestamp": "2016-12-09T14:18:56.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.offset": 4265, @@ -568,9 +906,16 @@ }, { "@timestamp": "2016-12-09T14:18:56.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.offset": 4324, @@ -579,9 +924,16 @@ }, { "@timestamp": "2016-12-09T14:18:56.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.offset": 4388, @@ -590,9 +942,16 @@ }, { "@timestamp": "2016-12-09T14:18:57.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.offset": 4452, @@ -601,9 +960,16 @@ }, { "@timestamp": "2016-12-09T14:18:57.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.offset": 4520, @@ -612,9 +978,16 @@ }, { "@timestamp": "2016-12-09T14:18:58.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.offset": 4589, @@ -623,9 +996,16 @@ }, { "@timestamp": "2016-12-09T14:18:58.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -635,9 +1015,16 @@ }, { "@timestamp": "2016-12-09T14:18:58.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -647,9 +1034,16 @@ }, { "@timestamp": "2016-12-09T14:18:58.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -659,9 +1053,16 @@ }, { "@timestamp": "2016-12-09T14:18:58.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -671,9 +1072,16 @@ }, { "@timestamp": "2016-12-09T14:18:58.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.flags": [ @@ -686,9 +1094,16 @@ }, { "@timestamp": "2016-12-09T14:37:57.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.flags": [ @@ -701,9 +1116,16 @@ }, { "@timestamp": "2016-12-09T14:37:57.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -713,9 +1135,16 @@ }, { "@timestamp": "2016-12-09T14:37:57.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.offset": 5207, @@ -724,9 +1153,16 @@ }, { "@timestamp": "2016-12-09T14:37:57.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.offset": 5253, @@ -735,9 +1171,16 @@ }, { "@timestamp": "2016-12-09T14:37:57.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.flags": [ @@ -750,9 +1193,16 @@ }, { "@timestamp": "2016-12-09T14:37:57.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Warning", @@ -762,9 +1212,16 @@ }, { "@timestamp": "2016-12-09T14:37:57.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -774,9 +1231,16 @@ }, { "@timestamp": "2016-12-09T14:37:57.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.offset": 5632, @@ -785,9 +1249,16 @@ }, { "@timestamp": "2016-12-09T14:37:57.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.offset": 5691, @@ -796,9 +1267,16 @@ }, { "@timestamp": "2016-12-09T14:37:57.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.offset": 5760, @@ -807,9 +1285,16 @@ }, { "@timestamp": "2016-12-09T14:37:57.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.offset": 5819, @@ -818,9 +1303,16 @@ }, { "@timestamp": "2016-12-09T14:37:57.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.offset": 5883, @@ -829,9 +1321,16 @@ }, { "@timestamp": "2016-12-09T14:37:57.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.offset": 5947, @@ -840,9 +1339,16 @@ }, { "@timestamp": "2016-12-09T14:37:57.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.offset": 6015, @@ -851,9 +1357,16 @@ }, { "@timestamp": "2016-12-09T14:37:58.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.offset": 6084, @@ -862,9 +1375,16 @@ }, { "@timestamp": "2016-12-09T14:37:58.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -874,9 +1394,16 @@ }, { "@timestamp": "2016-12-09T14:37:58.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -886,9 +1413,16 @@ }, { "@timestamp": "2016-12-09T14:37:58.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -898,9 +1432,16 @@ }, { "@timestamp": "2016-12-09T14:37:58.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -910,9 +1451,16 @@ }, { "@timestamp": "2016-12-09T14:37:58.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.flags": [ @@ -925,9 +1473,16 @@ }, { "@timestamp": "2016-12-09T14:18:50.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Warning", @@ -937,9 +1492,16 @@ }, { "@timestamp": "2016-12-09T14:18:50.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -949,9 +1511,16 @@ }, { "@timestamp": "2016-12-09T14:18:50.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.offset": 6826, @@ -960,9 +1529,16 @@ }, { "@timestamp": "2016-12-09T14:18:50.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.offset": 6885, @@ -971,9 +1547,16 @@ }, { "@timestamp": "2016-12-09T14:18:50.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.offset": 6954, @@ -982,9 +1565,16 @@ }, { "@timestamp": "2016-12-09T14:18:50.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.offset": 7013, @@ -993,9 +1583,16 @@ }, { "@timestamp": "2016-12-09T14:18:50.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.flags": [ @@ -1007,9 +1604,16 @@ }, { "@timestamp": "2016-12-09T14:18:50.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.flags": [ @@ -1021,9 +1625,16 @@ }, { "@timestamp": "2016-12-09T14:18:50.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.flags": [ @@ -1035,9 +1646,16 @@ }, { "@timestamp": "2016-12-09T14:18:50.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.flags": [ @@ -1049,9 +1667,16 @@ }, { "@timestamp": "2016-12-09T14:18:50.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.offset": 7977, @@ -1060,9 +1685,16 @@ }, { "@timestamp": "2016-12-09T14:18:51.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.offset": 8046, @@ -1071,9 +1703,16 @@ }, { "@timestamp": "2016-12-09T14:18:51.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.offset": 8108, @@ -1082,9 +1721,16 @@ }, { "@timestamp": "2016-12-09T14:18:52.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.offset": 8154, @@ -1093,9 +1739,16 @@ }, { "@timestamp": "2016-12-09T14:18:52.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Warning", @@ -1105,9 +1758,16 @@ }, { "@timestamp": "2016-12-09T14:18:52.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Note", @@ -1117,9 +1777,16 @@ }, { "@timestamp": "2016-12-09T14:18:52.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.offset": 8473, @@ -1128,9 +1795,16 @@ }, { "@timestamp": "2016-12-09T14:18:52.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.offset": 8532, @@ -1139,9 +1813,16 @@ }, { "@timestamp": "2016-12-09T14:18:52.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.offset": 8601, @@ -1150,9 +1831,16 @@ }, { "@timestamp": "2016-12-09T14:18:52.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.offset": 8660, @@ -1161,9 +1849,16 @@ }, { "@timestamp": "2016-12-09T14:18:52.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.offset": 8724, @@ -1172,9 +1867,16 @@ }, { "@timestamp": "2016-12-09T14:18:52.000-02:00", + "event.category": [ + "database" + ], "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.offset": 8788, diff --git a/filebeat/module/mysql/error/test/mysql-ubuntu-8.0.15.log-expected.json b/filebeat/module/mysql/error/test/mysql-ubuntu-8.0.15.log-expected.json index 148506b720d..3711000335a 100644 --- a/filebeat/module/mysql/error/test/mysql-ubuntu-8.0.15.log-expected.json +++ b/filebeat/module/mysql/error/test/mysql-ubuntu-8.0.15.log-expected.json @@ -1,9 +1,18 @@ [ { "@timestamp": "2019-03-24T13:44:25.484Z", + "event.category": [ + "database" + ], + "event.code": "MY-013169", "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", + "event.provider": "Server", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "System", @@ -14,9 +23,18 @@ }, { "@timestamp": "2019-03-24T13:44:27.924Z", + "event.category": [ + "database" + ], + "event.code": "MY-010453", "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", + "event.provider": "Server", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Warning", @@ -27,9 +45,18 @@ }, { "@timestamp": "2019-03-24T13:44:29.065Z", + "event.category": [ + "database" + ], + "event.code": "MY-013170", "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", + "event.provider": "Server", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "System", @@ -40,9 +67,18 @@ }, { "@timestamp": "2019-03-24T13:44:31.085Z", + "event.category": [ + "database" + ], + "event.code": "MY-010116", "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", + "event.provider": "Server", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "System", @@ -53,9 +89,18 @@ }, { "@timestamp": "2019-03-24T13:44:31.533Z", + "event.category": [ + "database" + ], + "event.code": "MY-010068", "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", + "event.provider": "Server", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Warning", @@ -66,9 +111,18 @@ }, { "@timestamp": "2019-03-24T13:44:31.534Z", + "event.category": [ + "database" + ], + "event.code": "MY-011810", "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", + "event.provider": "Server", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Warning", @@ -79,9 +133,18 @@ }, { "@timestamp": "2019-03-24T13:44:31.555Z", + "event.category": [ + "database" + ], + "event.code": "MY-013172", "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", + "event.provider": "Server", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "System", @@ -92,9 +155,18 @@ }, { "@timestamp": "2019-03-24T13:44:33.236Z", + "event.category": [ + "database" + ], + "event.code": "MY-010910", "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", + "event.provider": "Server", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "System", @@ -105,9 +177,18 @@ }, { "@timestamp": "2019-03-24T13:44:34.072Z", + "event.category": [ + "database" + ], + "event.code": "MY-010116", "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", + "event.provider": "Server", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "System", @@ -118,9 +199,18 @@ }, { "@timestamp": "2019-03-24T13:44:34.406Z", + "event.category": [ + "database" + ], + "event.code": "MY-010068", "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", + "event.provider": "Server", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "Warning", @@ -131,9 +221,18 @@ }, { "@timestamp": "2019-03-24T13:44:34.420Z", + "event.category": [ + "database" + ], + "event.code": "MY-010931", "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", + "event.provider": "Server", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "System", @@ -144,9 +243,18 @@ }, { "@timestamp": "2019-03-24T13:44:34.572Z", + "event.category": [ + "database" + ], + "event.code": "MY-011323", "event.dataset": "mysql.error", + "event.kind": "event", "event.module": "mysql", + "event.provider": "Server", "event.timezone": "-02:00", + "event.type": [ + "info" + ], "fileset.name": "error", "input.type": "log", "log.level": "System", diff --git a/filebeat/module/mysql/slowlog/ingest/pipeline.json b/filebeat/module/mysql/slowlog/ingest/pipeline.json index 704b9017e50..93ce577a330 100644 --- a/filebeat/module/mysql/slowlog/ingest/pipeline.json +++ b/filebeat/module/mysql/slowlog/ingest/pipeline.json @@ -61,6 +61,21 @@ "field": "mysql.slowlog.timestamp", "ignore_missing": true } + }, { + "set":{ + "field": "event.kind", + "value": "event" + } + }, { + "append":{ + "field": "event.category", + "value": "database" + } + }, { + "append":{ + "field": "event.type", + "value": "info" + } }], "on_failure" : [{ "set" : { diff --git a/filebeat/module/mysql/slowlog/test/mariadb-10.1.21.log-expected.json b/filebeat/module/mysql/slowlog/test/mariadb-10.1.21.log-expected.json index 5d687f579e6..ca78d11e19c 100644 --- a/filebeat/module/mysql/slowlog/test/mariadb-10.1.21.log-expected.json +++ b/filebeat/module/mysql/slowlog/test/mariadb-10.1.21.log-expected.json @@ -1,9 +1,16 @@ [ { "@timestamp": "2018-06-13T14:04:36.000Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.slowlog", "event.duration": 2000652000, + "event.kind": "event", "event.module": "mysql", + "event.type": [ + "info" + ], "fileset.name": "slowlog", "input.type": "log", "log.flags": [ diff --git a/filebeat/module/mysql/slowlog/test/mariadb-10.2.12.log-expected.json b/filebeat/module/mysql/slowlog/test/mariadb-10.2.12.log-expected.json index 7af1a4879ca..aeae8bc94cd 100644 --- a/filebeat/module/mysql/slowlog/test/mariadb-10.2.12.log-expected.json +++ b/filebeat/module/mysql/slowlog/test/mariadb-10.2.12.log-expected.json @@ -1,9 +1,16 @@ [ { "@timestamp": "2019-01-17T16:04:03.000Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.slowlog", "event.duration": 2000227000, + "event.kind": "event", "event.module": "mysql", + "event.type": [ + "info" + ], "fileset.name": "slowlog", "input.type": "log", "log.flags": [ @@ -24,9 +31,16 @@ }, { "@timestamp": "2019-01-17T16:04:18.000Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.slowlog", "event.duration": 178306016000, + "event.kind": "event", "event.module": "mysql", + "event.type": [ + "info" + ], "fileset.name": "slowlog", "input.type": "log", "log.flags": [ diff --git a/filebeat/module/mysql/slowlog/test/mariadb-10.3.13.log-expected.json b/filebeat/module/mysql/slowlog/test/mariadb-10.3.13.log-expected.json index 88dfec1469a..baab258fe84 100644 --- a/filebeat/module/mysql/slowlog/test/mariadb-10.3.13.log-expected.json +++ b/filebeat/module/mysql/slowlog/test/mariadb-10.3.13.log-expected.json @@ -1,9 +1,16 @@ [ { "@timestamp": "2019-03-24T16:03:00.000Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.slowlog", "event.duration": 2461578000, + "event.kind": "event", "event.module": "mysql", + "event.type": [ + "info" + ], "fileset.name": "slowlog", "input.type": "log", "log.flags": [ diff --git a/filebeat/module/mysql/slowlog/test/mariadb-explain.log-expected.json b/filebeat/module/mysql/slowlog/test/mariadb-explain.log-expected.json index 0095b4ad40a..92e24e577bb 100644 --- a/filebeat/module/mysql/slowlog/test/mariadb-explain.log-expected.json +++ b/filebeat/module/mysql/slowlog/test/mariadb-explain.log-expected.json @@ -1,9 +1,16 @@ [ { "@timestamp": "2013-11-12T13:03:32.000Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.slowlog", "event.duration": 5524103000, + "event.kind": "event", "event.module": "mysql", + "event.type": [ + "info" + ], "fileset.name": "slowlog", "input.type": "log", "log.flags": [ diff --git a/filebeat/module/mysql/slowlog/test/mysql-5.7.22.log-expected.json b/filebeat/module/mysql/slowlog/test/mysql-5.7.22.log-expected.json index 23bcf3c588c..d5748da6547 100644 --- a/filebeat/module/mysql/slowlog/test/mysql-5.7.22.log-expected.json +++ b/filebeat/module/mysql/slowlog/test/mysql-5.7.22.log-expected.json @@ -1,9 +1,16 @@ [ { "@timestamp": "2018-08-07T08:27:47.000Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.slowlog", "event.duration": 15000223000, + "event.kind": "event", "event.module": "mysql", + "event.type": [ + "info" + ], "fileset.name": "slowlog", "input.type": "log", "log.flags": [ @@ -22,9 +29,16 @@ }, { "@timestamp": "2018-08-07T08:27:47.000Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.slowlog", "event.duration": 153000, + "event.kind": "event", "event.module": "mysql", + "event.type": [ + "info" + ], "fileset.name": "slowlog", "input.type": "log", "log.flags": [ @@ -42,9 +56,16 @@ }, { "@timestamp": "2018-08-07T08:27:47.000Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.slowlog", "event.duration": 4071491000, + "event.kind": "event", "event.module": "mysql", + "event.type": [ + "info" + ], "fileset.name": "slowlog", "input.type": "log", "log.flags": [ @@ -64,9 +85,16 @@ }, { "@timestamp": "2018-08-07T08:27:47.000Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.slowlog", "event.duration": 10346539000, + "event.kind": "event", "event.module": "mysql", + "event.type": [ + "info" + ], "fileset.name": "slowlog", "input.type": "log", "log.flags": [ diff --git a/filebeat/module/mysql/slowlog/test/mysql-darwin-brew-5.7.10.log-expected.json b/filebeat/module/mysql/slowlog/test/mysql-darwin-brew-5.7.10.log-expected.json index d2ad9e0958a..a439aa4a5aa 100644 --- a/filebeat/module/mysql/slowlog/test/mysql-darwin-brew-5.7.10.log-expected.json +++ b/filebeat/module/mysql/slowlog/test/mysql-darwin-brew-5.7.10.log-expected.json @@ -1,9 +1,16 @@ [ { "@timestamp": "2016-12-12T11:54:16.000Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.slowlog", "event.duration": 11004467000, + "event.kind": "event", "event.module": "mysql", + "event.type": [ + "info" + ], "fileset.name": "slowlog", "input.type": "log", "log.flags": [ diff --git a/filebeat/module/mysql/slowlog/test/mysql-debian-5.7.17.log-expected.json b/filebeat/module/mysql/slowlog/test/mysql-debian-5.7.17.log-expected.json index 0bb537277a2..bdbee3aad14 100644 --- a/filebeat/module/mysql/slowlog/test/mysql-debian-5.7.17.log-expected.json +++ b/filebeat/module/mysql/slowlog/test/mysql-debian-5.7.17.log-expected.json @@ -1,9 +1,16 @@ [ { "@timestamp": "2017-04-28T09:07:39.000Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.slowlog", "event.duration": 4071491000, + "event.kind": "event", "event.module": "mysql", + "event.type": [ + "info" + ], "fileset.name": "slowlog", "input.type": "log", "log.flags": [ @@ -23,9 +30,16 @@ }, { "@timestamp": "2017-04-28T09:16:30.000Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.slowlog", "event.duration": 10346539000, + "event.kind": "event", "event.module": "mysql", + "event.type": [ + "info" + ], "fileset.name": "slowlog", "input.type": "log", "log.flags": [ @@ -45,9 +59,16 @@ }, { "@timestamp": "2017-04-28T09:31:31.000Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.slowlog", "event.duration": 10508030000, + "event.kind": "event", "event.module": "mysql", + "event.type": [ + "info" + ], "fileset.name": "slowlog", "input.type": "log", "log.flags": [ diff --git a/filebeat/module/mysql/slowlog/test/mysql-debian-5.7.19.log-expected.json b/filebeat/module/mysql/slowlog/test/mysql-debian-5.7.19.log-expected.json index 35f625478df..b6cba473929 100644 --- a/filebeat/module/mysql/slowlog/test/mysql-debian-5.7.19.log-expected.json +++ b/filebeat/module/mysql/slowlog/test/mysql-debian-5.7.19.log-expected.json @@ -1,9 +1,16 @@ [ { "@timestamp": "2018-04-26T18:50:32.000Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.slowlog", "event.duration": 100000, + "event.kind": "event", "event.module": "mysql", + "event.type": [ + "info" + ], "fileset.name": "slowlog", "input.type": "log", "log.flags": [ diff --git a/filebeat/module/mysql/slowlog/test/mysql-ubuntu-5.5.53.log-expected.json b/filebeat/module/mysql/slowlog/test/mysql-ubuntu-5.5.53.log-expected.json index a137a989e2f..3e4b0853e28 100644 --- a/filebeat/module/mysql/slowlog/test/mysql-ubuntu-5.5.53.log-expected.json +++ b/filebeat/module/mysql/slowlog/test/mysql-ubuntu-5.5.53.log-expected.json @@ -1,9 +1,16 @@ [ { "@timestamp": "2016-12-09T14:37:59.000Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.slowlog", "event.duration": 153000, + "event.kind": "event", "event.module": "mysql", + "event.type": [ + "info" + ], "fileset.name": "slowlog", "input.type": "log", "log.flags": [ @@ -21,9 +28,16 @@ }, { "@timestamp": "2016-12-09T14:37:59.000Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.slowlog", "event.duration": 2456000, + "event.kind": "event", "event.module": "mysql", + "event.type": [ + "info" + ], "fileset.name": "slowlog", "input.type": "log", "log.flags": [ @@ -41,9 +55,16 @@ }, { "@timestamp": "2016-12-09T14:37:59.000Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.slowlog", "event.duration": 6278000, + "event.kind": "event", "event.module": "mysql", + "event.type": [ + "info" + ], "fileset.name": "slowlog", "input.type": "log", "log.flags": [ @@ -61,9 +82,16 @@ }, { "@timestamp": "2016-12-09T14:37:59.000Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.slowlog", "event.duration": 262000, + "event.kind": "event", "event.module": "mysql", + "event.type": [ + "info" + ], "fileset.name": "slowlog", "input.type": "log", "log.flags": [ @@ -81,9 +109,16 @@ }, { "@timestamp": "2016-12-09T14:37:59.000Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.slowlog", "event.duration": 323000, + "event.kind": "event", "event.module": "mysql", + "event.type": [ + "info" + ], "fileset.name": "slowlog", "input.type": "log", "log.flags": [ @@ -101,9 +136,16 @@ }, { "@timestamp": "2016-12-09T14:37:59.000Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.slowlog", "event.duration": 7084000, + "event.kind": "event", "event.module": "mysql", + "event.type": [ + "info" + ], "fileset.name": "slowlog", "input.type": "log", "log.flags": [ @@ -121,9 +163,16 @@ }, { "@timestamp": "2016-12-09T14:37:59.000Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.slowlog", "event.duration": 277000, + "event.kind": "event", "event.module": "mysql", + "event.type": [ + "info" + ], "fileset.name": "slowlog", "input.type": "log", "log.flags": [ @@ -141,9 +190,16 @@ }, { "@timestamp": "2016-12-09T14:37:59.000Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.slowlog", "event.duration": 254000, + "event.kind": "event", "event.module": "mysql", + "event.type": [ + "info" + ], "fileset.name": "slowlog", "input.type": "log", "log.flags": [ @@ -161,9 +217,16 @@ }, { "@timestamp": "2016-12-09T14:37:59.000Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.slowlog", "event.duration": 297000, + "event.kind": "event", "event.module": "mysql", + "event.type": [ + "info" + ], "fileset.name": "slowlog", "input.type": "log", "log.flags": [ @@ -181,9 +244,16 @@ }, { "@timestamp": "2016-12-09T14:37:59.000Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.slowlog", "event.duration": 1676000, + "event.kind": "event", "event.module": "mysql", + "event.type": [ + "info" + ], "fileset.name": "slowlog", "input.type": "log", "log.flags": [ @@ -201,9 +271,16 @@ }, { "@timestamp": "2016-12-09T14:37:59.000Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.slowlog", "event.duration": 8782000, + "event.kind": "event", "event.module": "mysql", + "event.type": [ + "info" + ], "fileset.name": "slowlog", "input.type": "log", "log.flags": [ @@ -221,9 +298,16 @@ }, { "@timestamp": "2016-12-09T14:39:02.000Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.slowlog", "event.duration": 2000268000, + "event.kind": "event", "event.module": "mysql", + "event.type": [ + "info" + ], "fileset.name": "slowlog", "input.type": "log", "log.flags": [ @@ -241,9 +325,16 @@ }, { "@timestamp": "2016-12-09T14:39:23.000Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.slowlog", "event.duration": 138000, + "event.kind": "event", "event.module": "mysql", + "event.type": [ + "info" + ], "fileset.name": "slowlog", "input.type": "log", "log.flags": [ @@ -262,9 +353,16 @@ }, { "@timestamp": "2016-12-09T14:39:40.000Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.slowlog", "event.duration": 159000, + "event.kind": "event", "event.module": "mysql", + "event.type": [ + "info" + ], "fileset.name": "slowlog", "input.type": "log", "log.flags": [ diff --git a/filebeat/module/mysql/slowlog/test/mysql-ubuntu-8.0.15.log-expected.json b/filebeat/module/mysql/slowlog/test/mysql-ubuntu-8.0.15.log-expected.json index dcb533f25ba..5e258b4c210 100644 --- a/filebeat/module/mysql/slowlog/test/mysql-ubuntu-8.0.15.log-expected.json +++ b/filebeat/module/mysql/slowlog/test/mysql-ubuntu-8.0.15.log-expected.json @@ -1,9 +1,16 @@ [ { "@timestamp": "2019-03-24T14:01:45.000Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.slowlog", "event.duration": 2475469000, + "event.kind": "event", "event.module": "mysql", + "event.type": [ + "info" + ], "fileset.name": "slowlog", "input.type": "log", "log.flags": [ @@ -23,11 +30,18 @@ }, { "@timestamp": "2019-03-24T14:04:51.000Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.slowlog", "event.duration": 2631844000, "event.end": "2019-03-24T14:04:53.713951Z", + "event.kind": "event", "event.module": "mysql", "event.start": "2019-03-24T14:04:51.082107Z", + "event.type": [ + "info" + ], "fileset.name": "slowlog", "input.type": "log", "log.flags": [ diff --git a/filebeat/module/mysql/slowlog/test/percona-ubuntu-5.7.19-innodb.log-expected.json b/filebeat/module/mysql/slowlog/test/percona-ubuntu-5.7.19-innodb.log-expected.json index 2da8e67a7bf..9f4cf24cb83 100644 --- a/filebeat/module/mysql/slowlog/test/percona-ubuntu-5.7.19-innodb.log-expected.json +++ b/filebeat/module/mysql/slowlog/test/percona-ubuntu-5.7.19-innodb.log-expected.json @@ -1,9 +1,16 @@ [ { "@timestamp": "2019-01-21T06:36:03.000Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.slowlog", "event.duration": 50365000, + "event.kind": "event", "event.module": "mysql", + "event.type": [ + "info" + ], "fileset.name": "slowlog", "input.type": "log", "log.flags": [ @@ -39,9 +46,16 @@ }, { "@timestamp": "2019-01-21T09:15:36.000Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.slowlog", "event.duration": 153883488000, + "event.kind": "event", "event.module": "mysql", + "event.type": [ + "info" + ], "fileset.name": "slowlog", "input.type": "log", "log.flags": [ diff --git a/filebeat/module/mysql/slowlog/test/percona-ubuntu-5.7.19.log-expected.json b/filebeat/module/mysql/slowlog/test/percona-ubuntu-5.7.19.log-expected.json index 05ad0b678d3..fc6a7af2d25 100644 --- a/filebeat/module/mysql/slowlog/test/percona-ubuntu-5.7.19.log-expected.json +++ b/filebeat/module/mysql/slowlog/test/percona-ubuntu-5.7.19.log-expected.json @@ -1,9 +1,16 @@ [ { "@timestamp": "2018-11-16T06:25:56.000Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.slowlog", "event.duration": 10569000, + "event.kind": "event", "event.module": "mysql", + "event.type": [ + "info" + ], "fileset.name": "slowlog", "input.type": "log", "log.flags": [ @@ -39,9 +46,16 @@ }, { "@timestamp": "2018-11-16T13:02:59.000Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.slowlog", "event.duration": 36112000, + "event.kind": "event", "event.module": "mysql", + "event.type": [ + "info" + ], "fileset.name": "slowlog", "input.type": "log", "log.flags": [ @@ -84,9 +98,16 @@ }, { "@timestamp": "2019-01-21T06:33:10.000Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.slowlog", "event.duration": 23385000, + "event.kind": "event", "event.module": "mysql", + "event.type": [ + "info" + ], "fileset.name": "slowlog", "input.type": "log", "log.flags": [ @@ -122,9 +143,16 @@ }, { "@timestamp": "2019-01-21T06:34:30.000Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.slowlog", "event.duration": 10278000, + "event.kind": "event", "event.module": "mysql", + "event.type": [ + "info" + ], "fileset.name": "slowlog", "input.type": "log", "log.flags": [ @@ -162,9 +190,16 @@ }, { "@timestamp": "2019-01-21T06:35:33.000Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.slowlog", "event.duration": 14315000, + "event.kind": "event", "event.module": "mysql", + "event.type": [ + "info" + ], "fileset.name": "slowlog", "input.type": "log", "log.flags": [ @@ -200,9 +235,16 @@ }, { "@timestamp": "2019-01-21T06:36:03.000Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.slowlog", "event.duration": 50365000, + "event.kind": "event", "event.module": "mysql", + "event.type": [ + "info" + ], "fileset.name": "slowlog", "input.type": "log", "log.flags": [ @@ -238,9 +280,16 @@ }, { "@timestamp": "2019-01-21T06:36:40.000Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.slowlog", "event.duration": 32463768000, + "event.kind": "event", "event.module": "mysql", + "event.type": [ + "info" + ], "fileset.name": "slowlog", "input.type": "log", "log.flags": [ @@ -283,9 +332,16 @@ }, { "@timestamp": "2019-01-21T09:15:36.000Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.slowlog", "event.duration": 153883488000, + "event.kind": "event", "event.module": "mysql", + "event.type": [ + "info" + ], "fileset.name": "slowlog", "input.type": "log", "log.flags": [ diff --git a/filebeat/module/mysql/slowlog/test/percona-ubuntu-8.0.15.log-expected.json b/filebeat/module/mysql/slowlog/test/percona-ubuntu-8.0.15.log-expected.json index acd0c143dbf..fdebbcef421 100644 --- a/filebeat/module/mysql/slowlog/test/percona-ubuntu-8.0.15.log-expected.json +++ b/filebeat/module/mysql/slowlog/test/percona-ubuntu-8.0.15.log-expected.json @@ -1,9 +1,16 @@ [ { "@timestamp": "2019-03-24T16:22:41.000Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.slowlog", "event.duration": 2746607000, + "event.kind": "event", "event.module": "mysql", + "event.type": [ + "info" + ], "fileset.name": "slowlog", "input.type": "log", "log.flags": [ @@ -27,9 +34,16 @@ }, { "@timestamp": "2019-03-24T16:26:01.000Z", + "event.category": [ + "database" + ], "event.dataset": "mysql.slowlog", "event.duration": 3133066000, + "event.kind": "event", "event.module": "mysql", + "event.type": [ + "info" + ], "fileset.name": "slowlog", "input.type": "log", "log.flags": [