Sync Oracle Alert Log To Elasticsearch - mamrami/Sync-Admin-For-Oracle GitHub Wiki

Sync Admin is Supported on Oracle 12.X

Examples:

Sync Oracle* Alert Log to Elasticsearch:

We can create a Sync that send the Alert log rows from oracle to Elastic

In 11g and beyond have x$dbgalertext view

Conn sysdba
create view v_alert_log as select * from x$dbgalertext;
grant select on v_alert_log to sync_admin;

Create Sync with query the alert log We will create sync with target index as 'alert_{DDMM}' that will create index per day. and schedule the job to run once a day.

exec DBMS_SYNC_ADMIN.create_data_link('ES_LINK',1,'RW','192.168.1.110','','',9200,9999);
exec sync_admin.DBMS_SYNC_ADMIN.CREATE_SYNC('SYS','ALERT_LOG','select ORIGINATING_TIMESTAMP,MESSAGE_TEXT from sys.v_alert_log where MESSAGE_TEXT like ''%ORA-%'' and ORIGINATING_TIMESTAMP between trunc(sysdate-2) and trunc(sysdate-1)','ES_LINK','alert_{DDMM}',null,'C');
exec es_handler.RUN_SYNC('ALERT_LOG','TC');