This documentation contains work-in-progress information for future Elastic Stack and Cloud releases. Use the version selector to view supported release docs. It also contains some Elastic Cloud serverless information. Check out our serverless docs for more details.

« Elastic Jira connector reference Elastic MongoDB connector reference »

› › ›

Elastic Microsoft SQL connector reference

Elastic Microsoft SQL connector reference

The Elastic Microsoft SQL connector is a connector for Microsoft SQL databases. This connector is written in Python using the Elastic connector framework.

View the source code for this connector (branch 8.16, compatible with Elastic 8.16).

Elastic managed connector reference

View Elastic managed connector reference

Availability and prerequisites

This connector is available as a managed connector in Elastic versions 8.8.0 and later. To use this connector natively in Elastic Cloud, satisfy all managed connector requirements.

Create a Microsoft SQL connector

Use the UI

To create a new Microsoft SQL connector:

Navigate to the Search → Connectors page in the Kibana UI.
Follow the instructions to create a new native Microsoft SQL connector.

For additional operations, see Connectors UI in Kibana.

Use the API

You can use the Elasticsearch Create connector API to create a new native Microsoft SQL connector.

For example:

PUT _connector/my-mssql-connector
{
  "index_name": "my-elasticsearch-index",
  "name": "Content synced from Microsoft SQL",
  "service_type": "mssql",
  "is_native": "true"
}

You’ll also need to create an API key for the connector to use.

The user needs the cluster privileges manage_api_key, manage_connector and write_connector_secrets to generate API keys programmatically.

To create an API key for the connector:

Run the following command, replacing values where indicated. Note the id and encoded return values from the response:

const response = await client.security.createApiKey({
  name: "my-connector-api-key",
  role_descriptors: {
    "my-connector-connector-role": {
      cluster: ["monitor", "manage_connector"],
      indices: [
        {
          names: [
            "my-index_name",
            ".search-acl-filter-my-index_name",
            ".elastic-connectors*",
          ],
          privileges: ["all"],
          allow_restricted_indices: false,
        },
      ],
    },
  },
});
console.log(response);

POST /_security/api_key
{
  "name": "my-connector-api-key",
  "role_descriptors": {
    "my-connector-connector-role": {
      "cluster": [
        "monitor",
        "manage_connector"
      ],
      "indices": [
        {
          "names": [
            "my-index_name",
            ".search-acl-filter-my-index_name",
            ".elastic-connectors*"
          ],
          "privileges": [
            "all"
          ],
          "allow_restricted_indices": false
        }
      ]
    }
  }
}

Use the encoded value to store a connector secret, and note the id return value from this response:

const response = await client.connector.secretPost({
  body: {
    value: "encoded_api_key",
  },
});
console.log(response);

POST _connector/_secret
{
  "value": "encoded_api_key"
}

Use the API key id and the connector secret id to update the connector:

const response = await client.connector.updateApiKeyId({
  connector_id: "my_connector_id>",
  api_key_id: "API key_id",
  api_key_secret_id: "secret_id",
});
console.log(response);

PUT /_connector/my_connector_id>/_api_key_id
{
  "api_key_id": "API key_id",
  "api_key_secret_id": "secret_id"
}

Refer to the Elasticsearch API documentation for details of all available Connector APIs.

Usage

To use this connector as a managed connector, use the Connector workflow. See Elastic managed connectors.

Users require the sysadmin server role.

For additional operations, see Connectors UI in Kibana.

Compatibility

The following are compatible with Elastic connector frameworks:

Microsoft SQL Server versions 2017, 2019
Azure SQL
Amazon RDS for SQL Server

Configuration

The following configuration fields are required to set up the connector:

Host

The server host address where the Microsoft SQL Server is hosted. Default value is 127.0.0.1. Examples:

192.158.1.38
demo.instance.demo-region.demo.service.com

Port

The port where the Microsoft SQL Server is hosted. Default value is 1433.

Username

The username of the account for Microsoft SQL Server.

Password

The password of the account to be used for the Microsoft SQL Server.

Database

Name of the Microsoft SQL Server database. Examples:

employee_database
customer_database

Comma-separated list of tables

List of tables, separated by commas. The Microsoft SQL connector will fetch data from all tables present in the configured database, if the value is * . Default value is *. Examples:

table_1, table_2
*

This field can be bypassed by advanced sync rules.

Schema

Name of the Microsoft SQL Server schema. Default value is dbo.

Examples:

dbo
custom_schema

Enable SSL

Toggle to enable SSL verification. Default value is False.

SSL certificate

Content of SSL certificate. If SSL is disabled, the ssl_ca value will be ignored.

Expand to see an example certificate

-----BEGIN CERTIFICATE-----
MIID+jCCAuKgAwIBAgIGAJJMzlxLMA0GCSqGSIb3DQEBCwUAMHoxCzAJBgNVBAYT
...
7RhLQyWn2u00L7/9Omw=
-----END CERTIFICATE-----

Validate host

Toggle to enable host validation. Default value is False.

Documents and syncs

Tables with no primary key defined are skipped.
If the last_user_update of sys.dm_db_index_usage_stats table is not available for a specific table and database then all data in that table will be synced.

Files bigger than 10 MB won’t be extracted.
Permissions are not synced. All documents indexed to an Elastic deployment will be visible to all users with access to that Elastic Deployment.

Sync rules

Basic sync rules are identical for all connectors and are available by default. For more information read sync rules.

Advanced sync rules

This connector supports advanced sync rules for remote filtering. These rules cover complex query-and-filter scenarios that cannot be expressed with basic sync rules. Advanced sync rules are defined through a source-specific DSL JSON snippet.

A full sync is required for advanced sync rules to take effect.

Here are a few examples of advanced sync rules for this connector.

Expand to see example data

employee table

emp_id	name	age
3	John	28
10	Jane	35
14	Alex	22

* customer table

c_id	name	age
2	Elm	24
6	Pine	30
9	Oak	34

======= Example: Two queries

These rules fetch all records from both the employee and customer tables. The data from these tables will be synced separately to Elasticsearch.

[
  {
    "tables": [
      "employee"
    ],
    "query": "SELECT * FROM employee"
  },
  {
    "tables": [
      "customer"
    ],
    "query": "SELECT * FROM customer"
  }
]

======= Example: One WHERE query

This rule fetches only the records from the employee table where the emp_id is greater than 5. Only these filtered records will be synced to Elasticsearch.

[
  {
    "tables": ["employee"],
    "query": "SELECT * FROM employee WHERE emp_id > 5"
  }
]

======= Example: One JOIN query

This rule fetches records by performing an INNER JOIN between the employee and customer tables on the condition that the emp_id in employee matches the c_id in customer. The result of this combined data will be synced to Elasticsearch.

[
  {
    "tables": ["employee", "customer"],
    "query": "SELECT * FROM employee INNER JOIN customer ON employee.emp_id = customer.c_id"
  }
]

When using advanced rules, a query can bypass the configuration field tables. This will happen if the query specifies a table that doesn’t appear in the configuration. This can also happen if the configuration specifies * to fetch all tables while the advanced sync rule requests for only a subset of tables.

Known issues

There are no known issues for this connector. See Known issues for any issues affecting all connectors.

Troubleshooting

See Troubleshooting.

Security

This connector uses the generic database connector source code (branch 8.16, compatible with Elastic 8.16).

View additional code specific to this data source (branch 8.16, compatible with Elastic 8.16).

Self-managed connector

View self-managed connector reference

Availability and prerequisites

This connector is available as a self-managed self-managed connector. To use this connector, satisfy all self-managed connector requirements.

Create a Microsoft SQL connector

Use the UI

To create a new Microsoft SQL connector:

Navigate to the Search → Connectors page in the Kibana UI.
Follow the instructions to create a new Microsoft SQL self-managed connector.

Use the API

You can use the Elasticsearch Create connector API to create a new self-managed Microsoft SQL self-managed connector.

For example:

PUT _connector/my-mssql-connector
{
  "index_name": "my-elasticsearch-index",
  "name": "Content synced from Microsoft SQL",
  "service_type": "mssql"
}

You’ll also need to create an API key for the connector to use.

The user needs the cluster privileges manage_api_key, manage_connector and write_connector_secrets to generate API keys programmatically.

To create an API key for the connector:

Run the following command, replacing values where indicated. Note the encoded return values from the response:

const response = await client.security.createApiKey({
  name: "connector_name-connector-api-key",
  role_descriptors: {
    "connector_name-connector-role": {
      cluster: ["monitor", "manage_connector"],
      indices: [
        {
          names: [
            "index_name",
            ".search-acl-filter-index_name",
            ".elastic-connectors*",
          ],
          privileges: ["all"],
          allow_restricted_indices: false,
        },
      ],
    },
  },
});
console.log(response);

POST /_security/api_key
{
  "name": "connector_name-connector-api-key",
  "role_descriptors": {
    "connector_name-connector-role": {
      "cluster": [
        "monitor",
        "manage_connector"
      ],
      "indices": [
        {
          "names": [
            "index_name",
            ".search-acl-filter-index_name",
            ".elastic-connectors*"
          ],
          "privileges": [
            "all"
          ],
          "allow_restricted_indices": false
        }
      ]
    }
  }
}

Update your config.yml file with the API key encoded value.

Refer to the Elasticsearch API documentation for details of all available Connector APIs.

Usage

Users require the sysadmin server role.

To use this connector as a self-managed connector, see Self-managed connectors For additional usage operations, see Connectors UI in Kibana.

Compatibility

The following are compatible with Elastic connector frameworks:

Microsoft SQL Server versions 2017, 2019
Azure SQL
Amazon RDS for SQL Server

Configuration

When using the self-managed connector workflow, initially these fields will use the default configuration set in the connector source code. Note that this data source uses the generic_database.py connector source code.

Refer to mssql.py for additional code, specific to this data source. These configurable fields will be rendered with their respective labels in the Kibana UI. Once connected, users will be able to update these values in Kibana.

The following configuration fields are required to set up the connector:

host

The server host address where the Microsoft SQL Server is hosted. Default value is 127.0.0.1. Examples:

192.158.1.38
demo.instance.demo-region.demo.service.com

port

The port where the Microsoft SQL Server is hosted. Default value is 9090.

username

The username of the account for Microsoft SQL Server.

password

The password of the account to be used for the Microsoft SQL Server.

database

Name of the Microsoft SQL Server database. Examples:

employee_database
customer_database

tables

Comma-separated list of tables. The Microsoft SQL connector will fetch data from all tables present in the configured database, if the value is * . Default value is *. Examples:

table_1, table_2
*

This field can be bypassed by advanced sync rules.

fetch_size

Rows fetched per request.

retry_count

The number of retry attempts per failed request.

schema

Name of the Microsoft SQL Server schema. Default value is dbo.

Examples:

dbo
custom_schema

ssl_enabled

SSL verification enablement. Default value is False.

ssl_ca

Content of SSL certificate. If SSL is disabled, the ssl_ca value will be ignored.

Expand to see an example certificate

-----BEGIN CERTIFICATE-----
MIID+jCCAuKgAwIBAgIGAJJMzlxLMA0GCSqGSIb3DQEBCwUAMHoxCzAJBgNVBAYT
...
7RhLQyWn2u00L7/9Omw=
-----END CERTIFICATE-----

validate_host

Host validation enablement. Default value is False.

Deployment using Docker

You can deploy the Microsoft SQL connector as a self-managed connector using Docker. Follow these instructions.

Step 1: Download sample configuration file

Download the sample configuration file. You can either download it manually or run the following command:

curl https://raw.githubusercontent.com/elastic/connectors/main/config.yml.example --output ~/connectors-config/config.yml

Remember to update the --output argument value if your directory name is different, or you want to use a different config file name.

Step 2: Update the configuration file for your self-managed connector

Update the configuration file with the following settings to match your environment:

elasticsearch.host
elasticsearch.api_key
connectors

If you’re running the connector service against a Dockerized version of Elasticsearch and Kibana, your config file will look like this:

# When connecting to your cloud deployment you should edit the host value
elasticsearch.host: http://host.docker.internal:9200
elasticsearch.api_key: <ELASTICSEARCH_API_KEY>

connectors:
  -
    connector_id: <CONNECTOR_ID_FROM_KIBANA>
    service_type: mssql
    api_key: <CONNECTOR_API_KEY_FROM_KIBANA> # Optional. If not provided, the connector will use the elasticsearch.api_key instead

Using the elasticsearch.api_key is the recommended authentication method. However, you can also use elasticsearch.username and elasticsearch.password to authenticate with your Elasticsearch instance.

Note: You can change other default configurations by simply uncommenting specific settings in the configuration file and modifying their values.

Step 3: Run the Docker image

Run the Docker image with the Connector Service using the following command:

docker run \
-v ~/connectors-config:/config \
--network "elastic" \
--tty \
--rm \
docker.elastic.co/enterprise-search/elastic-connectors:8.16.0.0 \
/app/bin/elastic-ingest \
-c /config/config.yml

Refer to DOCKER.md in the elastic/connectors repo for more details.

Find all available Docker images in the official registry.

We also have a quickstart self-managed option using Docker Compose, so you can spin up all required services at once: Elasticsearch, Kibana, and the connectors service. Refer to this README in the elastic/connectors repo for more information.

Documents and syncs

Tables with no primary key defined are skipped.
If the last_user_update of sys.dm_db_index_usage_stats table is not available for a specific table and database then all data in that table will be synced.

Files bigger than 10 MB won’t be extracted.
Permissions are not synced. All documents indexed to an Elastic deployment will be visible to all users with access to that Elastic Deployment.

Sync rules

Basic sync rules are identical for all connectors and are available by default. For more information read sync rules.

Advanced sync rules

This connector supports advanced sync rules for remote filtering. These rules cover complex query-and-filter scenarios that cannot be expressed with basic sync rules. Advanced sync rules are defined through a source-specific DSL JSON snippet.

A full sync is required for advanced sync rules to take effect.

Here are a few examples of advanced sync rules for this connector.

Expand to see example data

employee table

emp_id	name	age
3	John	28
10	Jane	35
14	Alex	22

* customer table

c_id	name	age
2	Elm	24
6	Pine	30
9	Oak	34

======= Example: Two queries

These rules fetch all records from both the employee and customer tables. The data from these tables will be synced separately to Elasticsearch.

[
  {
    "tables": [
      "employee"
    ],
    "query": "SELECT * FROM employee"
  },
  {
    "tables": [
      "customer"
    ],
    "query": "SELECT * FROM customer"
  }
]

======= Example: One WHERE query

This rule fetches only the records from the employee table where the emp_id is greater than 5. Only these filtered records will be synced to Elasticsearch.

[
  {
    "tables": ["employee"],
    "query": "SELECT * FROM employee WHERE emp_id > 5"
  }
]

======= Example: One JOIN query

This rule fetches records by performing an INNER JOIN between the employee and customer tables on the condition that the emp_id in employee matches the c_id in customer. The result of this combined data will be synced to Elasticsearch.

[
  {
    "tables": ["employee", "customer"],
    "query": "SELECT * FROM employee INNER JOIN customer ON employee.emp_id = customer.c_id"
  }
]

When using advanced rules, a query can bypass the configuration field tables. This will happen if the query specifies a table that doesn’t appear in the configuration. This can also happen if the configuration specifies * to fetch all tables while the advanced sync rule requests for only a subset of tables.

End-to-end testing

The connector framework enables operators to run functional tests against a real data source. Refer to Connector testing for more details.

To perform E2E testing for the Microsoft SQL connector, run the following command:

make ftest NAME=mssql

For faster tests, add the DATA_SIZE=small flag:

make ftest NAME=mssql DATA_SIZE=small

Known issues

There are no known issues for this connector. See Known issues for any issues affecting all connectors.

Troubleshooting

See Troubleshooting.

Security

This connector uses the generic database connector source code (branch 8.16, compatible with Elastic 8.16).

View additional code specific to this data source (branch 8.16, compatible with Elastic 8.16).

« Elastic Jira connector reference Elastic MongoDB connector reference »