billgraziano
commented
2 years ago You need to create an extended event session to capture all your SQL queries. Then use the utility to read that session.
Closed SerhiiZahuba closed 2 years ago
billgraziano
commented
2 years ago You need to create an extended event session to capture all your SQL queries. Then use the utility to read that session.
SerhiiZahuba
commented
2 years ago Sorry, please, but I can’t find how to do this, my config is below, but in the file I don’t see my queries in sql
` [filesink] retain_hours = 4
[app]
http_metrics = true http_metrics_port = 6061 watch_config = true
[defaults] sessions = ["system_health", "AlwaysOn_health"] look_back = "168h" # one week rows = 20000 # 20000 is a good value. Lots of events but doesn't block too long. 0 or omitted processes all the rows
timestamp_field_name = "@timestamp" payload_field_name = "mssql" # all the XE events are under this field agentjobs = "all" exclude_17830 = true excludedEvents = [ "connectivity_ring_buffer_recorded", "memory_broker_ring_buffer_recorded", "scheduler_monitor_system_health_ring_buffer_recorded", "security_error_ring_buffer_recorded" ]
[[source]] fqdn = "localhost" `
I need to log all queries with mssql to ELK. Now I set up writing to the log file for tests. But I do not see my requests in this log, it is updated, but there are only system logs without my requests. Help me please. thanks