Versions Compared

Old Version 2

changes.mady.by.user Former user

Saved on

compared with

New Version Current

changes.mady.by.user Juan Tomás Alonso Nieto

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Table of Contents
maxLevel2
typeflat

Introduction

The tags beginning with db.mssql identify events generated by Microsoft SQL Server.

Valid tags and data tablestables 

The full tag must have at least 3 three levels. The first two first are fixed asdb.mssql. The third corresponds to level identifies the type of logs sent.

...

Technology

...

Brand

...

Type

...

db

...

  • mssql

...

error

...

events sent. The fourth, fifth, and sixth levels identity the corresponding environment, application, and clone.

These are the valid tags and corresponding data tables that will receive the parsers' data:

Tag

Product / Service

Tags

Data

table

tables

Microsoft SQL Server

db.mssql.audit

db.mssql.audit

b.mssql.error.env.app.clon

db.mssql.error

db.mssql.events.env.app.clon

db.mssql.events

For more information, read more about Devo tags.

Table structure

These are the fields displayed in these tables:

Anchor
tag1
tag1
db.mssql.audit

Field

Type

Source field name

Extra fields

eventdate

timestamp

environment

str

venv

application

str

vapp

clon

str

vclon

message

str

rawMessage

str

rawSource

hostchain

str

tag

str

Anchor
tag2
tag2
 db.mssql.error

Field

Type

Field transformation

Source field name

Extra fields

eventdate

timestamp

 

 

environment

str

 

venv

application

str

 

vapp

clon

str

 

vclon

date

timestamp

Code Block
parsedate(date_str, dateformat("YYYY-MM-DD HH:mm:ss.SS"))

date_str

source

str

 

 

message

str

 

 

database

str

 

 

creation_date

str

 

 

first_LSN

str

 

 

last_LSN

str

 

 

number_device

int4

 

 

device_information

str

 

 

extMessage

str

 

 

hostname

str

 

 

host_ip

ip4

 

 

host_ip_str

str

 

 

tag

str

 

 

rawMessage

str

 

 

hostchain

str

 

 

 
Anchor
tag3
tag3
db.mssql.events

Field

Type

Source field name

Extra fields

eventdate

timestamp

environment

str

venv

application

str

vapp

clon

str

vclon

hostname

str

user

str

eventTime

timestamp

hostname2

str

keywords

int8

eventType

str

severityValue

int4

severity

str

eventID

int4

sourceName

str

task

int4

recordNumber

int8

processID

int4

threadID

int4

channel

str

message

str

category

str

eventReceivedTime

timestamp

sourceModuleName

str

sourceModuleType

str

syslogFacilityValue

int4

syslogSeverityValue

int4

costCenter

str

configurationItem

str

teamEmail

str

hostchain

str

tag

str

rawMessage

str