On the beta cluster, we had mysqld to emit syslog which are relayed to logstash (T119370). I have crafted a basic dashboard that search for syslog messages matching the program mysqld:
Message deduplication does not work quite well since MySQL prefix the message payload with the PID and time.
Seems MariaDB emits all messages at error level (havent checked).
They look like (message shortened by me):
|message||160719 9:20:36 [Warning] Unsafe statement written to the binary ...|
|normalized_message||160719 9:20:36 [Warning] Unsafe statement written to the binary ...|
At least in the message field, we would want to drop the PID and time.
Ideally parse the message to set / correct the level.
Until MariaDB 10.1.4, the format consisted of the date (yymmdd) and time, followed by the type of error (Note, Warning or Error) and the error message, for example:160615 16:53:08 [Note] InnoDB: The InnoDB memory heap is disabled
From MariaDB 10.1.5, the date format has been extended to yyyy-mm-dd, and the thread ID has been added, for example:2016-06-15 16:53:33 139651251140544 [Note] InnoDB: The InnoDB memory heap is disabled
The type of error is one of Note, Warning or Error.