Shulou(Shulou.com)06/01 Report--

Both the mariadb audit log and the mysql audit log are used in the form of plug-ins.

At present, mysql Enterprise Edition supports the audit log function, and percona's plug-in can replace this plug-in. (network understanding mysql Community Edition can use percona's audit plug-in, which I have not tested yet.)

This experiment starts the audit log based on mariadb.

1.mariadb version: mariadb10.1.19 includes the audit log plug-in in the officially downloaded binary package.

two。 Check to see if the database has plug-ins installed:

SHOW VARIABLES LIKE'% plugin_dir%'

Seeing that this database has the audit plug-in installed, uninstall the plug-in and reinstall it.

3. Uninstall the plug-in

MariaDB [(none)] > UNINSTALL PLUGIN server_audit;ERROR 1702 (HY000): Plugin 'server_audit' is force_plus_permanent and can not be unloaded

An error was reported when uninstalling the plug-in. The parameters need to be modified.

Server_audit=FORCE_PLUS_PERMANENT

Parameter prevents the plug-in parameter from being deleted. DB can be restarted in the experiment and should be operated carefully in actual production.

Vi / etc/my.cnf

# + # audit

# plugin_load=server_audit

# server_audit_events=connect,query_dml,query_ddl

# server_audit=FORCE_PLUS_PERMANENT

# server_audit_file_rotate_size = 128m

# server_audit_logging = ON

# server_audit_file_path=/data01/mysql/log3306/server_audit.log

# sysdate_is_now = 1

Restart mysql:

Uninstall succeeded.

MariaDB [(none)] > unINSTALL PLUGIN server_audit

ERROR 1305 (42000): PLUGIN server_audit does not exist

MariaDB [(none)] > show variables like'% audit%'

Empty set (0.00 sec)

4. Install the plug-in:

MariaDB [(none)] > INSTALL PLUGIN server_audit SONAME 'libaudit_plugin.so'

ERROR 1127 (HY000): Can't find symbol 'server_audit' in library

Installation error:

The reason can not be found, restore the my.cnf configuration file comments, and restart mysql.

Plugin_load=server_audit

Server_audit_events=connect,query_dml,query_ddl

Server_audit=FORCE_PLUS_PERMANENT

Server_audit_file_rotate_size = 128m

Server_audit_logging = ON

Server_audit_file_path=/data01/mysql/log3306/server_audit.log

Sysdate_is_now = 1

Found to install again:

MariaDB [(none)] > INSTALL PLUGIN server_audit SONAME 'libaudit_plugin.so'

ERROR 1968 (HY000): Plugin 'server_audit' already installed

MariaDB [(none)] > INSTALL PLUGIN server_audit SONAME 'libaudit_plugin.so'

ERROR 1968 (HY000): Plugin 'server_audit' already installed

Now, it's scary. The current problem is that server_audit cannot be stopped without annotating the configuration file

+-- +

| | Level | Code | Message | |

+-- +

| | Warning | 1620 | Plugin is busy and will be uninstalled on shutdown |

+-- +

Comment out installation cannot be found: Can't find symbol 'server_audit' in library

5. Error resolution:

Reason: the syntax of the installation is incorrect.

Restart mysql after commenting out the parameters of the audit log

Install the audit plug-in:

MariaDB [(none)] > show variables like'% audit%'

Empty set (0.00 sec)

MariaDB [(none)] > INSTALL PLUGIN server_audit SONAME 'server_audit.so'

Query OK, 0 rows affected (0.01 sec)

MariaDB [(none)] > show variables like'% audit%'

+-+

| | Variable_name | Value |

+-+

| | server_audit_events |

| | server_audit_excl_users |

| | server_audit_file_path | server_audit.log |

| | server_audit_file_rotate_now | OFF |

| | server_audit_file_rotate_size | 1000000 | |

| | server_audit_file_rotations | 9 | |

| | server_audit_incl_users |

| | server_audit_logging | OFF |

| | server_audit_mode | 0 | |

| | server_audit_output_type | file |

| | server_audit_query_log_limit | 1024 | |

| | server_audit_syslog_facility | LOG_USER |

| | server_audit_syslog_ident | mysql-server_auditing |

| | server_audit_syslog_info |

| | server_audit_syslog_priority | LOG_INFO |

+-+

15 rows in set (0.01 sec)

At this time, the audit log parameters are empty and can take effect by setting global dynamic parameters. Here, in order to still take effect after restarting mysql, the author uses to modify the my.cnf parameters to configure the audit log parameters, that is, cancel the logout parameters.

Plugin_load=server_audit

Server_audit_events=connect,query_dml,query_ddl

Server_audit=FORCE_PLUS_PERMANENT

Server_audit_file_rotate_size = 128m

Server_audit_logging = ON

Server_audit_file_path=/data01/mysql/log3306/server_audit.log

Sysdate_is_now = 1

Restart mysql; installation is complete, we must not be as careless as the author, the article is more chaotic, hope readers to refer carefully.

Note: INSTALL PLUGIN audit_log SONAME 'audit_log.so'; installs audit log statements for mysql.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.