8
responses

Q1.
Hello I have one problem about mysql to graylog server

i want my db (version:mariadb 5.5 OS centos 7 ) "SELECT eventlog" to my graylog server

but my nxlog log have error
the message is:
ERROR im_dbi failed to execute SQL statement. 1064: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'WHERE id > -1 LIMIT 10' at line 1

my nxlog.conf

<Extension _syslog>
Module xm_syslog
</Extension>

<Input in>
Module im_dbi
Driver mysql
Option host 127.0.0.1
Option username root
Option password librenms
Option dbname librenms
SQL SELECT eventlog
</Input>

<Output out>
Module om_udp
Host 192.168.1.20
Port 10514
Exec to_syslog_snare();
</Output>

<Route 1>
Path in => out
</Route>

so how can i do or where are reference about nxlog for mysql(mariadb) ?

Q2. can i install nxlog-ce to CentOS8?

AskedNovember 4, 2020 - 6:12am

Comments (8)

  • Arkadiy's picture
    (NXLog)

    Hello.

    Regarding first point - shouldn't you use FROM clause in your SQL query? And is there any column with id name?

    Second one - it should work but not guaranteed as it's CE.

    Regards, Arch

  • lokeliu's picture

    Hello Arkadiy

    can you teach me example???please~~

    i have problem

    Q3 if i have nxlog for centos 7 ,ip is 192.168.1.2 my db (mysql) is 192.168.1.3
    my nxlog can be reading my db select?

  • raf's picture
    (NXLog)

    Hi Lokeliu,

    Q1: How Arkadiy already said, you need to have a proper SQL query. If you don't have this skill, I recommend using one of the trials, widely available over the Internet.
    Q2: Currently, we don't have a dedicated CentOS8 NXLog CE binary file, but it is very likely it would work - I've installed it in the past on CentOS8 and even if it required some additional steps, it worked well.
    Q3: If you set up your configuration properly and according to your network settings - the probability it's gonna work is high.

    Best regards & good luck,

    Rafal

  • lokeliu's picture

    Hello raf
    about
    About Q1:
    I set up according to the example but my nxlog is Same error

    -------------------------------------------------------------------------------------
    2020-11-05 11:45:15 INFO nxlog-ce-2.10.2150 started
    2020-11-05 11:45:15 ERROR im_dbi failed to execute SQL statement. 1054: Unknown column 'id' in 'where clause'
    ------------------------------------------------------------------------

    conf:

    <Input in>
    Module im_dbi
    Driver mysql
    Option host 127.0.0.1
    Option username root
    Option password librenms
    Option dbname librenms
    SQL SELECT event_id,device_id,datetime,message type,reference,username,severity FROM eventlog

    </Input>

    Thank you for patiently answering my questions

  • Arkadiy's picture
    (NXLog)

    Hi.

    Do you have a column labeled as ID in your DB?
    If now then you should use some column as a replacement because NXLog need this column to read correctly through DB.
    Please take a look at our manual here: https://nxlog.co/documentation/nxlog-user-guide-full#mssql_reading_id

    Best regards, Arch

  • raf's picture
    (NXLog)

    Hello Lokeliu,

    The line

    2020-11-05 11:45:15 ERROR im_dbi failed to execute SQL statement. 1054: Unknown column 'id' in 'where clause'
    

    suggests this particular table (eventlog) doesn't have the id column.

    Please, check if everything's fine with your database and data inside.

    Best regards,

    Rafal

  • lokeliu's picture

    Hello raf

    like this ?

    +----------+-----------+---------------------+----------------------------+-----------+-----------+----------+----------+
    | event_id | device_id | datetime | message | type | reference | username | severity |
    +----------+-----------+---------------------+----------------------------+-----------+-----------+----------+----------+
    | 12201 | 4 | 2020-11-04 11:05:10 | HDM1 (MemSize) -> 49152 | NULL | NULL | | 3 |
    | 12202 | 3 | 2020-11-04 11:05:10 | DB3 (GuestOS) -> | NULL | NULL | | 3 |
    | 12203 | 4 | 2020-11-04 11:05:10 | HDM1 (State) -> powered on | NULL | NULL | | 3 |

Answers (0)