Shulou(Shulou.com)05/31 Report--

This article is about how to use the audit function of percona 5.6to share with you. The editor thinks it is very practical, so share it with you as a reference and follow the editor to have a look.

Percona Audit Log Plugin introduction

The Percona audit log plug-in provides monitoring records of database connections and query activities, and relevant information will be recorded in the XML file. Each event has a NAME field and unique RECORD_ID and TIMESTAMP fields. Currently, only the enterprise version of MySQL officially integrates the audit log function.

Turn on the audit function

Install the audit plug-in to restart the database load by adding a configuration file, or you can install it dynamically.

# configuration File load [mysqld] plugin-load=audit_log.so# load plug-in list mysql > INSTALL PLUGIN audit_log SONAME 'audit_log.so'; Audit Log event introduction

Audit

Indicates the beginning or end of the audit log. When the NAME field is' Audit''to start the audit log, and 'NoAudit' means to end the audit log, the server version and command line arguments are also recorded

Examples of Audit events are as follows

Connect/Disconnect

Record user disconnection information. When the NAME field is' Connect'', the user's connection is successful or failed; 'Quit' means the connection is broken, and CONNECTION_ID, STATUS, USER, PRIV_USER, OS_LOGIN, PROXY_USER, HOST, and IP are also recorded. A STATUS of 0 indicates success, while a value other than 0 indicates failure.

Examples of Connect/Disconnect events are as follows

Query

Record DML, DDL information, name values may be Query, Prepare, Execute, Change user and so on. In addition, COMMAND_CLASS (com_status_ Vars value in the sql/mysqld.cc file), CONNECTION_ID, STATUS, SQLTEXT (sql statement information), USER, HOST, OS_USER, IP are also recorded.

Examples of Query events are as follows:

Parameter description mysql > show variables like'% audit%' +-- +-+ | Variable_name | Value | +-+-+ | audit_log_buffer_size | 1048576 | | Audit_log_file | audit.log | | audit_log_flush | OFF | | audit_log_format | OLD | | audit_log_handler | FILE | | audit_log_policy | ALL | | audit_log_rotate_on_size | 0 | audit_log_rotations | 0 | Audit_log_strategy | ASYNCHRONOUS | | audit_log_syslog_facility | LOG_USER | | audit_log_syslog_ident | percona-audit | | audit_log_syslog_priority | LOG_INFO | +-- +-+ 12 rows in set (0.00 sec)

Audit_log_format

Log format: OLD, NEW, JSON, and CSV.

Audit_log_buffer_size

Audit cache, it is recommended to set it to a multiple of 4096. This parameter takes effect only if audit_log_strategy is ASYNCHRONOUS.

Audit_log_flush

Control the archiving of audit logs, which takes effect only when audit_log_rotate_on_size=0. After renaming audit log archives manually, you can specify audit_log_flush=1 to generate new audit logs.

Audit_log_policy

Specify the events recorded by the audit log

ALL-Log all events

LOGINS-only login connection information is recorded

QUERIES-only query events are recorded

NONE-No events are logged

Audit_log_strategy

Specifies the refresh policy for audit logs, which takes effect only if audit_log_handler is' FILE'.

ASYNCHRONOUS-Asynchronous (default), memory buffer is used, messages are not deleted when the buffer is full

PERFORMANCE-use the memory buffer to delete messages when the buffer is full

SEMISYNCHRONOUS-write directly to the file and refresh the synchronization event through the operating system

SYNCHRONOUS-write directly to the file and synchronize refresh events in real time

Audit_log_file

Specify the audit log path and file name, which can be relative or absolute

Audit_log_buffer_size

Audit log buffer size, which takes effect when audit_log_strategy takes effect and is set to ASYNCHRONOUS or PERFORMANCE

Audit_log_rotate_on_size

Specify the maximum audit log size

Audit_log_rotations

Specify the number of audit logs saved

Audit_log_handler

Specify audit log save format: FILE, SYSLOG

Thank you for reading! This is the end of the article on "how to use the audit function of percona 5.6". I hope the above content can be of some help to you, so that you can learn more knowledge. if you think the article is good, you can share it for more people to see!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.