我的书签
添加书签
移除书签Elastic Microsoft SQL connector reference
Elastic Microsoft SQL connector reference
The Elastic Microsoft SQL connector is a connector for Microsoft SQL databases. This connector is written in Python using the Elastic connector framework.
View the source code for this connector (branch 8.17, compatible with Elastic 8.17).
Choose your connector reference
Are you using a managed connector on Elastic Cloud or a self-managed connector? Expand the documentation based on your deployment method.
Elastic managed connector reference
View Elastic managed connector reference
Availability and prerequisites
This connector is available as a managed connector in Elastic versions 8.8.0 and later. To use this connector natively in Elastic Cloud, satisfy all managed connector requirements.
Create a Microsoft SQL connector
Use the UI
To create a new Microsoft SQL connector:
- In the Kibana UI, navigate to the Search → Content → Connectors page from the main menu, or use the global search field.
- Follow the instructions to create a new native Microsoft SQL connector.
For additional operations, see Connectors UI in Kibana.
Use the API
You can use the Elasticsearch Create connector API to create a new native Microsoft SQL connector.
For example:
resp = client.connector.put(connector_id="my-{service-name-stub}-connector",index_name="my-elasticsearch-index",name="Content synced from {service-name}",service_type="{service-name-stub}",is_native=True,)print(resp)
const response = await client.connector.put({connector_id: "my-{service-name-stub}-connector",index_name: "my-elasticsearch-index",name: "Content synced from {service-name}",service_type: "{service-name-stub}",is_native: true,});console.log(response);
PUT _connector/my-mssql-connector{"index_name": "my-elasticsearch-index","name": "Content synced from Microsoft SQL","service_type": "mssql","is_native": true}
You’ll also need to create an API key for the connector to use.
The user needs the cluster privileges manage_api_key, manage_connector and write_connector_secrets to generate API keys programmatically.
To create an API key for the connector:
Run the following command, replacing values where indicated. Note the
idandencodedreturn values from the response:resp = client.security.create_api_key(name="my-connector-api-key",role_descriptors={"my-connector-connector-role": {"cluster": ["monitor","manage_connector"],"indices": [{"names": ["my-index_name",".search-acl-filter-my-index_name",".elastic-connectors*"],"privileges": ["all"],"allow_restricted_indices": False}]}},)print(resp)
const response = await client.security.createApiKey({name: "my-connector-api-key",role_descriptors: {"my-connector-connector-role": {cluster: ["monitor", "manage_connector"],indices: [{names: ["my-index_name",".search-acl-filter-my-index_name",".elastic-connectors*",],privileges: ["all"],allow_restricted_indices: false,},],},},});console.log(response);
POST /_security/api_key{"name": "my-connector-api-key","role_descriptors": {"my-connector-connector-role": {"cluster": ["monitor","manage_connector"],"indices": [{"names": ["my-index_name",".search-acl-filter-my-index_name",".elastic-connectors*"],"privileges": ["all"],"allow_restricted_indices": false}]}}}
Use the
encodedvalue to store a connector secret, and note theidreturn value from this response:resp = client.perform_request("POST","/_connector/_secret",headers={"Content-Type": "application/json"},body={"value": "encoded_api_key"},)print(resp)
const response = await client.transport.request({method: "POST",path: "/_connector/_secret",body: {value: "encoded_api_key",},});console.log(response);
POST _connector/_secret{"value": "encoded_api_key"}
Use the API key
idand the connector secretidto update the connector:resp = client.connector.update_api_key_id(connector_id="my_connector_id>",api_key_id="API key_id",api_key_secret_id="secret_id",)print(resp)
const response = await client.connector.updateApiKeyId({connector_id: "my_connector_id>",api_key_id: "API key_id",api_key_secret_id: "secret_id",});console.log(response);
PUT /_connector/my_connector_id>/_api_key_id{"api_key_id": "API key_id","api_key_secret_id": "secret_id"}
Refer to the Elasticsearch API documentation for details of all available Connector APIs.
Usage
To use this connector as a managed connector, use the Connector workflow. See Elastic managed connectors.
Users require the sysadmin SQL Server role. Note that SQL Server Authentication is required. Windows Authentication is not supported.
For additional operations, see Connectors UI in Kibana.
Compatibility
The following are compatible with Elastic connector frameworks:
- Microsoft SQL Server versions 2017, 2019
- Azure SQL
- Amazon RDS for SQL Server
Configuration
The following configuration fields are required to set up the connector:
Host
The server host address where the Microsoft SQL Server is hosted. Default value is 127.0.0.1. Examples:
192.158.1.38demo.instance.demo-region.demo.service.com
Port
The port where the Microsoft SQL Server is hosted. Default value is 1433.
Username
The username of the account for Microsoft SQL Server (SQL Server Authentication only).
Password
The password of the account to be used for the Microsoft SQL Server (SQL Server Authentication only).
Database
Name of the Microsoft SQL Server database. Examples:
employee_databasecustomer_database
Comma-separated list of tables
List of tables, separated by commas. The Microsoft SQL connector will fetch data from all tables present in the configured database, if the value is * . Default value is *. Examples:
table_1, table_2*This field can be bypassed by advanced sync rules.
Schema
Name of the Microsoft SQL Server schema. Default value is dbo.
Examples:
dbocustom_schema
Enable SSL
Toggle to enable SSL verification. Default value is False.
SSL certificate
Content of SSL certificate. If SSL is disabled, the ssl_ca value will be ignored.
Expand to see an example certificate
-----BEGIN CERTIFICATE-----MIID+jCCAuKgAwIBAgIGAJJMzlxLMA0GCSqGSIb3DQEBCwUAMHoxCzAJBgNVBAYT...7RhLQyWn2u00L7/9Omw=-----END CERTIFICATE-----
Validate host
Toggle to enable host validation. Default value is False.
Documents and syncs
- Tables with no primary key defined are skipped.
If the
last_user_updateofsys.dm_db_index_usage_statstable is not available for a specific table and database then all data in that table will be synced.Files bigger than 10 MB won’t be extracted.
- Permissions are not synced. All documents indexed to an Elastic deployment will be visible to all users with access to that Elastic Deployment.
Sync rules
Basic sync rules are identical for all connectors and are available by default. For more information read sync rules.
Advanced sync rules
This connector supports advanced sync rules for remote filtering. These rules cover complex query-and-filter scenarios that cannot be expressed with basic sync rules. Advanced sync rules are defined through a source-specific DSL JSON snippet.
A full sync is required for advanced sync rules to take effect.
Here are a few examples of advanced sync rules for this connector.
Expand to see example data
employee table
| emp_id | name | age |
|---|---|---|
3 | John | 28 |
10 | Jane | 35 |
14 | Alex | 22 |
* customer table
| c_id | name | age |
|---|---|---|
2 | Elm | 24 |
6 | Pine | 30 |
9 | Oak | 34 |
Example: Two queries
These rules fetch all records from both the employee and customer tables. The data from these tables will be synced separately to Elasticsearch.
[{"tables": ["employee"],"query": "SELECT * FROM employee"},{"tables": ["customer"],"query": "SELECT * FROM customer"}]
Example: One WHERE query
This rule fetches only the records from the employee table where the emp_id is greater than 5. Only these filtered records will be synced to Elasticsearch.
[{"tables": ["employee"],"query": "SELECT * FROM employee WHERE emp_id > 5"}]
Example: One JOIN query
This rule fetches records by performing an INNER JOIN between the employee and customer tables on the condition that the emp_id in employee matches the c_id in customer. The result of this combined data will be synced to Elasticsearch.
[{"tables": ["employee", "customer"],"query": "SELECT * FROM employee INNER JOIN customer ON employee.emp_id = customer.c_id"}]
When using advanced rules, a query can bypass the configuration field tables. This will happen if the query specifies a table that doesn’t appear in the configuration. This can also happen if the configuration specifies * to fetch all tables while the advanced sync rule requests for only a subset of tables.
Known issues
There are no known issues for this connector. See Known issues for any issues affecting all connectors.
Troubleshooting
See Troubleshooting.
Security
See Security.
This connector uses the generic database connector source code (branch 8.17, compatible with Elastic 8.17).
View additional code specific to this data source (branch 8.17, compatible with Elastic 8.17).
Self-managed connector
View self-managed connector reference
Availability and prerequisites
This connector is available as a self-managed self-managed connector. To use this connector, satisfy all self-managed connector requirements.
Create a Microsoft SQL connector
Use the UI
To create a new Microsoft SQL connector:
- In the Kibana UI, navigate to the Search → Content → Connectors page from the main menu, or use the global search field.
- Follow the instructions to create a new Microsoft SQL self-managed connector.
Use the API
You can use the Elasticsearch Create connector API to create a new self-managed Microsoft SQL self-managed connector.
For example:
resp = client.connector.put(connector_id="my-{service-name-stub}-connector",index_name="my-elasticsearch-index",name="Content synced from {service-name}",service_type="{service-name-stub}",)print(resp)
const response = await client.connector.put({connector_id: "my-{service-name-stub}-connector",index_name: "my-elasticsearch-index",name: "Content synced from {service-name}",service_type: "{service-name-stub}",});console.log(response);
PUT _connector/my-mssql-connector{"index_name": "my-elasticsearch-index","name": "Content synced from Microsoft SQL","service_type": "mssql"}
You’ll also need to create an API key for the connector to use.
The user needs the cluster privileges manage_api_key, manage_connector and write_connector_secrets to generate API keys programmatically.
To create an API key for the connector:
Run the following command, replacing values where indicated. Note the
encodedreturn values from the response:resp = client.security.create_api_key(name="connector_name-connector-api-key",role_descriptors={"connector_name-connector-role": {"cluster": ["monitor","manage_connector"],"indices": [{"names": ["index_name",".search-acl-filter-index_name",".elastic-connectors*"],"privileges": ["all"],"allow_restricted_indices": False}]}},)print(resp)
const response = await client.security.createApiKey({name: "connector_name-connector-api-key",role_descriptors: {"connector_name-connector-role": {cluster: ["monitor", "manage_connector"],indices: [{names: ["index_name",".search-acl-filter-index_name",".elastic-connectors*",],privileges: ["all"],allow_restricted_indices: false,},],},},});console.log(response);
POST /_security/api_key{"name": "connector_name-connector-api-key","role_descriptors": {"connector_name-connector-role": {"cluster": ["monitor","manage_connector"],"indices": [{"names": ["index_name",".search-acl-filter-index_name",".elastic-connectors*"],"privileges": ["all"],"allow_restricted_indices": false}]}}}
Update your
config.ymlfile with the API keyencodedvalue.
Refer to the Elasticsearch API documentation for details of all available Connector APIs.
Usage
Users require the sysadmin server role. Note that SQL Server Authentication is required. Windows Authentication is not supported.
To use this connector as a self-managed connector, see Self-managed connectors For additional usage operations, see Connectors UI in Kibana.
Compatibility
The following are compatible with Elastic connector frameworks:
- Microsoft SQL Server versions 2017, 2019
- Azure SQL
- Amazon RDS for SQL Server
Configuration
When using the self-managed connector workflow, initially these fields will use the default configuration set in the connector source code. Note that this data source uses the generic_database.py connector source code.
Refer to mssql.py for additional code, specific to this data source. These configurable fields will be rendered with their respective labels in the Kibana UI. Once connected, users will be able to update these values in Kibana.
The following configuration fields are required to set up the connector:
host
The server host address where the Microsoft SQL Server is hosted. Default value is 127.0.0.1. Examples:
192.158.1.38demo.instance.demo-region.demo.service.com
port
The port where the Microsoft SQL Server is hosted. Default value is 9090.
username
The username of the account for Microsoft SQL Server. (SQL Server Authentication only)
password
The password of the account to be used for the Microsoft SQL Server. (SQL Server Authentication only)
database
Name of the Microsoft SQL Server database. Examples:
employee_databasecustomer_database
tables
Comma-separated list of tables. The Microsoft SQL connector will fetch data from all tables present in the configured database, if the value is * . Default value is *. Examples:
table_1, table_2*This field can be bypassed by advanced sync rules.
fetch_size
Rows fetched per request.
retry_count
The number of retry attempts per failed request.
schema
Name of the Microsoft SQL Server schema. Default value is dbo.
Examples:
dbocustom_schema
ssl_enabled
SSL verification enablement. Default value is False.
ssl_ca
Content of SSL certificate. If SSL is disabled, the ssl_ca value will be ignored.
Expand to see an example certificate
-----BEGIN CERTIFICATE-----MIID+jCCAuKgAwIBAgIGAJJMzlxLMA0GCSqGSIb3DQEBCwUAMHoxCzAJBgNVBAYT...7RhLQyWn2u00L7/9Omw=-----END CERTIFICATE-----
validate_host
Host validation enablement. Default value is False.
Deployment using Docker
You can deploy the Microsoft SQL connector as a self-managed connector using Docker. Follow these instructions.
Step 1: Download sample configuration file
Download the sample configuration file. You can either download it manually or run the following command:
curl https://raw.githubusercontent.com/elastic/connectors/main/config.yml.example --output ~/connectors-config/config.yml
Remember to update the --output argument value if your directory name is different, or you want to use a different config file name.
Step 2: Update the configuration file for your self-managed connector
Update the configuration file with the following settings to match your environment:
elasticsearch.hostelasticsearch.api_keyconnectors
If you’re running the connector service against a Dockerized version of Elasticsearch and Kibana, your config file will look like this:
# When connecting to your cloud deployment you should edit the host valueelasticsearch.host: http://host.docker.internal:9200elasticsearch.api_key: <ELASTICSEARCH_API_KEY>connectors:-connector_id: <CONNECTOR_ID_FROM_KIBANA>service_type: mssqlapi_key: <CONNECTOR_API_KEY_FROM_KIBANA> # Optional. If not provided, the connector will use the elasticsearch.api_key instead
Using the elasticsearch.api_key is the recommended authentication method. However, you can also use elasticsearch.username and elasticsearch.password to authenticate with your Elasticsearch instance.
Note: You can change other default configurations by simply uncommenting specific settings in the configuration file and modifying their values.
Step 3: Run the Docker image
Run the Docker image with the Connector Service using the following command:
docker run \-v ~/connectors-config:/config \--network "elastic" \--tty \--rm \docker.elastic.co/enterprise-search/elastic-connectors:8.17.0.0 \/app/bin/elastic-ingest \-c /config/config.yml
Refer to DOCKER.md in the elastic/connectors repo for more details.
Find all available Docker images in the official registry.
We also have a quickstart self-managed option using Docker Compose, so you can spin up all required services at once: Elasticsearch, Kibana, and the connectors service. Refer to this README in the elastic/connectors repo for more information.
Documents and syncs
- Tables with no primary key defined are skipped.
If the
last_user_updateofsys.dm_db_index_usage_statstable is not available for a specific table and database then all data in that table will be synced.Files bigger than 10 MB won’t be extracted.
- Permissions are not synced. All documents indexed to an Elastic deployment will be visible to all users with access to that Elastic Deployment.
Sync rules
Basic sync rules are identical for all connectors and are available by default. For more information read sync rules.
Advanced sync rules
This connector supports advanced sync rules for remote filtering. These rules cover complex query-and-filter scenarios that cannot be expressed with basic sync rules. Advanced sync rules are defined through a source-specific DSL JSON snippet.
A full sync is required for advanced sync rules to take effect.
Here are a few examples of advanced sync rules for this connector.
Expand to see example data
employee table
| emp_id | name | age |
|---|---|---|
3 | John | 28 |
10 | Jane | 35 |
14 | Alex | 22 |
* customer table
| c_id | name | age |
|---|---|---|
2 | Elm | 24 |
6 | Pine | 30 |
9 | Oak | 34 |
Example: Two queries
These rules fetch all records from both the employee and customer tables. The data from these tables will be synced separately to Elasticsearch.
[{"tables": ["employee"],"query": "SELECT * FROM employee"},{"tables": ["customer"],"query": "SELECT * FROM customer"}]
Example: One WHERE query
This rule fetches only the records from the employee table where the emp_id is greater than 5. Only these filtered records will be synced to Elasticsearch.
[{"tables": ["employee"],"query": "SELECT * FROM employee WHERE emp_id > 5"}]
Example: One JOIN query
This rule fetches records by performing an INNER JOIN between the employee and customer tables on the condition that the emp_id in employee matches the c_id in customer. The result of this combined data will be synced to Elasticsearch.
[{"tables": ["employee", "customer"],"query": "SELECT * FROM employee INNER JOIN customer ON employee.emp_id = customer.c_id"}]
When using advanced rules, a query can bypass the configuration field tables. This will happen if the query specifies a table that doesn’t appear in the configuration. This can also happen if the configuration specifies * to fetch all tables while the advanced sync rule requests for only a subset of tables.
End-to-end testing
The connector framework enables operators to run functional tests against a real data source. Refer to Connector testing for more details.
To perform E2E testing for the Microsoft SQL connector, run the following command:
make ftest NAME=mssql
For faster tests, add the DATA_SIZE=small flag:
make ftest NAME=mssql DATA_SIZE=small
Known issues
There are no known issues for this connector. See Known issues for any issues affecting all connectors.
Troubleshooting
See Troubleshooting.
Security
See Security.
This connector uses the generic database connector source code (branch 8.17, compatible with Elastic 8.17).
View additional code specific to this data source (branch 8.17, compatible with Elastic 8.17).
