You are viewing docs on Elastic's new documentation system, currently in technical preview. For all other Elastic docs, visit
Last updated: Mar 24th, 2023

SQL Input

Collects Metrics by Quering on SQL Databases

Beta feature

This functionality is in beta and is subject to change. The design and code is less mature than official generally available features and is being provided as-is with no warranties. Beta features are not subject to the support service level agreement of official generally available features.

What is an Elastic integration?

This integration is powered by Elastic Agent. Elastic Agent is a single, unified way to add monitoring for logs, metrics, and other types of data to a host. It can also protect hosts from security threats, query data from operating systems, forward data from remote services or hardware, and more. Refer to our documentation for a detailed comparison between Beats and Elastic Agent.

Prefer to use Beats for this use case? See Filebeat modules for logs or Metricbeat modules for metrics.

The SQL input package allows you to execute custom queries against an SQL database and store the results in Elasticsearch.

This input package supports the below listed databases:

  • MySQL
  • Oracle
  • Microsoft SQL
  • PostgreSQL

Configuration Options for the User:


The host configuration should be specified from where the metrics are to be fetched. It varies depending upon the driver you are running


The supported configuration takes this form

  • <user>:<password>@tcp(<host>:<port>)/

Example of supported configuration is as below:

  • root:root@tcp(localhost:3306)/


The following two types of host configurations are supported:

  1. Old style host configuration :

    a. hosts: ["user/pass@"]

    b. hosts: ["user/password@ as sysdba"]

  2. DSN host configuration:

    a. hosts: ['user="user" password="pass" connectString=""']

    b. hosts: ['user="user" password="password" connectString="host:port/service_name" sysdba=true']


The supported configuration takes this form

  • sqlserver://<user>:<password>@<host>

Example of supported configurations is as below:

  • sqlserver://root:test@localhost


The supported configuration takes this form

  • postgres://<user>:<password>@<connection_string>

Example of supported configuration is as below:

  • postgres://postgres:postgres@localhost:5432/stuff?sslmode=disable

Note: If the password contains the backslash (\) character, it must be escaped with a backslash. For example, if the password is my\_password, it should be written as my\\_password.


Specify the driver for which you want to run the queries. Below are the supported drivers:

  • mysql
  • oracle
  • mssql
  • postgres


Receives the list of queries to execute. query and response_format is repeated to get multiple query inputs.


  • query: SHOW GLOBAL STATUS LIKE 'Innodb_system%'

    response_format: variables

response_format: This can be either variables or table

variables: Expects a two-column table that looks like a key/value result. The left column is considered a key and the right column the value. This mode generates a single event on each fetch operation.

table: Expects any number of columns. This mode generates a single event for each row.

For more examples of response format pelase refer here


Enhancement View pull request
Initial draft of the SQL Input Package