Shulou(Shulou.com)06/01 Report--

The following brings you about the Percona Audit Log Plugin implementation of mysql audit operation steps content, I believe you must have read similar articles. What's the difference in what we bring to you? Let's take a look at the body part together. I believe you will definitely gain something after reading the steps of Percona Audit Log Plugin to implement mysql audit.

Percona Audit Log Plugin provides monitoring and logging of connection and query activity performed on a specific Cloud Virtual Machine. Information about the activity will be stored in an XML log file, where each event will have its NAME field, its own unique RECORD_ID field, and TIMESTAMP field. This implementation is an alternative to the MySQL Enterprise Audit Log Plug-in that generates logs for the following events: Audit -An Audit event indicates that audit logging has started or completed. The NAME field is Audit when logging begins and NoAudit when logging completes. Audit records also include Cloud Virtual Machine version and command line parameters.

Connect/Disconnect - Connect record event will have NAME field Connect when user logged in or login failed, or Quit when connection is closed. Additional fields for this event are CONNECTION_ID, STATUS, USER, PRIV_USER, OS_LOGIN, PROXY_USER, HOST, and IP. STATUS will be 0 for successful logins and non-zero for failed logins.

Example of the Disconnect event:

1. Installation:

The audit log plug-in comes with Percona Server, but is not installed by default. To enable the plug-in, you must run the following command

INSTALL PLUGIN audit_log SONAME 'audit_log.so';

Verify plug-ins are installed successfully

SHOW PLUGINS;

+--------------------------------+----------+--------------------+--------------+---------+

| Name | Status | Type | Library | License |

+--------------------------------+----------+--------------------+--------------+---------+

...

| audit_log | ACTIVE | AUDIT | audit_log.so | GPL |

+--------------------------------+----------+--------------------+--------------+---------+

2. Log format:

The audit log plug-in supports four log formats: OLD, NEW, JSON and CSV. The OLD and NEW formats are XML-based, with the former outputting logging attributes as XML attributes and the latter as XML tags. The recorded information is the same in all four formats. Log format selection is controlled by the audit_log_format variable.

Quit

10902_2014-04-28T11:02:54

2014-04-28T11:02:59 UTC

36

0

3. Actual combat:

The following example shows adding users to be monitored

mysql> SET GLOBAL audit_log_include_accounts = 'user1@localhost,root@localhost';

Query OK, 0 rows affected (0.00 sec)

If you you try to add users to both include and exclude lists server will show you the following error:

mysql> SET GLOBAL audit_log_exclude_accounts = 'user1@localhost,root@localhost';

ERROR 1231 (42000): Variable 'audit_log_exclude_accounts' can't be set to the value of 'user1@localhost,root@localhost'

To switch from filtering by included user list to the excluded one or back, first set the currently active filtering variable to NULL:

mysql> SET GLOBAL audit_log_include_accounts = NULL;

Query OK, 0 rows affected (0.00 sec)

mysql> SET GLOBAL audit_log_exclude_accounts = 'user1@localhost,root@localhost';

Query OK, 0 rows affected (0.00 sec)

mysql> SET GLOBAL audit_log_exclude_accounts = "'user'@'host'";

Query OK, 0 rows affected (0.00 sec)

mysql> SET GLOBAL audit_log_exclude_accounts = '''user''@''host''';

Query OK, 0 rows affected (0.00 sec)

mysql> SET GLOBAL audit_log_exclude_accounts = '\'user\'@\'host\'';

Query OK, 0 rows affected (0.00 sec)

To see what users are currently in the on the list you can run:

mysql> SELECT @@audit_log_exclude_accounts;

+------------------------------+

| @@audit_log_exclude_accounts |

+------------------------------+

| 'user'@'host' |

+------------------------------+

1 row in set (0.00 sec)

--Remarks: The user name monitored must be consistent with the user name in mysql.user, otherwise it will not take effect.

transition out user1(exclude user1)

SET GLOBAL audit_log_exclude_accounts = 'user1@%';

For the above steps about Percona Audit Log Plugin to implement mysql audit, do you think it is what you want? If you want to know more about it, you can continue to pay attention to our industry information section.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.