MYSQL's audit log plug-in, unfortunately only for LINUX at present:
MySQL plug-in from McAfee provides auditing functions for MySQL, focusing on security and auditing requirements. The plugin can be used as a standalone auditing solution, or it can be configured to feed data to external monitoring tools.
Plugin download address:
https://bintray.com/mcafee/mysql-audit-plugin/release/1.1.4-725#files
First check the mysql plugin save directory:
mysql> show global variables like 'plugin_dir';
+-- -------------+------------------------------------------------ ---------+
| Variable_name | Value |
+---------------+------------------ ---------------------------+
| plugin_dir | /usr/local/mysql-5.7.17/lib64/mysql/plugin/ |
+ ---------------+------------------------------------------------ -------------+
1 row in set (0.00 sec)
Copy the plugin downloaded above to the above directory:
unzip audit-plugin-mysql-5.7-1.1.4-725-linux-x86_64.zip
cd audit-plugin-mysql-5.7-1.1.4-725
cp lib/libaudit_plugin.so /usr/local/mysql-5.7.17 /lib64/mysql/plugin/
Enter the mysql command window and install the plugin:
mysql> INSTALL PLUGIN AUDIT SONAME 'libaudit_plugin.so';
Query OK, 0 rows affected (0.06 sec)
Check which plugins are currently loaded by mysql:
mysql> show plugins ;
+----------------------------+------------+-------- ------------+--------------------------------+---------+
| Name | Status | Type | Library | License |
+----------------------------+----------+---- ----------------+--------------------------------+---------+
| binlog | ACTIVE | STORAGE ENGINE | NULL | GPL |
| mysql_native_password | ACTIVE | AUTHENTICATION | NULL | GPL |
| sha256_password | ACTIVE | AUTHENTICATION | NULL | GPL |
| InnoDB | ACTIVE | STORAGE ENGINE | NULL | GPL |
| INNODB_TRX | ACTIVE | INFORMATION SCHEMA | NULL | GPL |
| INNODB_LOCKS | ACTIVE | INFORMATION SCHEMA | NULL | GPL |
| INNODB_LOCK_WAITS | ACTIVE | INFORMATION SCHEMA | NULL | GPL |
| INNODB_CMP | ACTIVE | INFORMATION SCHEMA | NULL | GPL |
| INNODB_CMP_RESET | ACTIVE | INFORMATION SCHEMA | NULL | GPL |
| INNODB_CMPMEM | ACTIVE | INFORMATION SCHEMA | NULL | GPL |
| INNODB_CMPMEM_RESET | ACTIVE | INFORMATION SCHEMA | NULL | GPL |
| INNODB_CMP_PER_INDEX | ACTIVE | INFORMATION SCHEMA | NULL | GPL |
| INNODB_CMP_PER_INDEX_RESET | ACTIVE | INFORMATION SCHEMA | NULL | GPL |
| INNODB_BUFFER_PAGE | ACTIVE | INFORMATION SCHEMA | NULL | GPL |
| INNODB_BUFFER_PAGE_LRU | ACTIVE | INFORMATION SCHEMA | NULL | GPL |
| INNODB_BUFFER_POOL_STATS | ACTIVE | INFORMATION SCHEMA | NULL | GPL |
| INNODB_TEMP_TABLE_INFO | ACTIVE | INFORMATION SCHEMA | NULL | GPL |
| INNODB_METRICS | ACTIVE | INFORMATION SCHEMA | NULL | GPL |
| INNODB_FT_DEFAULT_STOPWORD | ACTIVE | INFORMATION SCHEMA | NULL | GPL |
| INNODB_FT_DELETED | ACTIVE | INFORMATION SCHEMA | NULL | GPL |
| INNODB_FT_BEING_DELETED | ACTIVE | INFORMATION SCHEMA | NULL | GPL |
| INNODB_FT_CONFIG | ACTIVE | INFORMATION SCHEMA | NULL | GPL |
| INNODB_FT_INDEX_CACHE | ACTIVE | INFORMATION SCHEMA | NULL | GPL |
| INNODB_FT_INDEX_TABLE | ACTIVE | INFORMATION SCHEMA | NULL | GPL |
| INNODB_SYS_TABLES | ACTIVE | INFORMATION SCHEMA | NULL | GPL |
| INNODB_SYS_TABLESTATS | ACTIVE | INFORMATION SCHEMA | NULL | GPL |
| INNODB_SYS_INDEXES | ACTIVE | INFORMATION SCHEMA | NULL | GPL |
| INNODB_SYS_COLUMNS | ACTIVE | INFORMATION SCHEMA | NULL | GPL |
| INNODB_SYS_FIELDS | ACTIVE | INFORMATION SCHEMA | NULL | GPL |
| INNODB_SYS_FOREIGN | ACTIVE | INFORMATION SCHEMA | NULL | GPL |
| INNODB_SYS_FOREIGN_COLS | ACTIVE | INFORMATION SCHEMA | NULL | GPL |
| INNODB_SYS_TABLESPACES | ACTIVE | INFORMATION SCHEMA | NULL | GPL |
| INNODB_SYS_DATAFILES | ACTIVE | INFORMATION SCHEMA | NULL | GPL |
| INNODB_SYS_VIRTUAL | ACTIVE | INFORMATION SCHEMA | NULL | GPL |
| MEMORY | ACTIVE | STORAGE ENGINE | NULL | GPL |
| MRG_MYISAM | ACTIVE | STORAGE ENGINE | NULL | GPL |
| PERFORMANCE_SCHEMA | ACTIVE | STORAGE ENGINE | NULL | GPL |
| CSV | ACTIVE | STORAGE ENGINE | NULL | GPL |
| MyISAM | ACTIVE | STORAGE ENGINE | NULL | GPL |
| ARCHIVE | ACTIVE | STORAGE ENGINE | NULL | GPL |
| partition | ACTIVE | STORAGE ENGINE | NULL | GPL |
| BLACKHOLE | ACTIVE | STORAGE ENGINE | NULL | GPL |
| FEDERATED | DISABLED | STORAGE ENGINE | NULL | GPL |
| ngram | ACTIVE | FTPARSER | NULL | GPL |
| AUDIT | ACTIVE | AUDIT | libaudit_plugin.so | GPL |
+------------------------- ---+----------+--------------------------------+------------- ------+---------+
45 rows in set (0.00 sec)
to view the installed plugin version:
mysql> show global status like 'AUDIT_version';
+------- --------+------------+
| Variable_name | Value |
+---------------+------- ----+
| Audit_version | 1.1.4-725 |
+---------------+------------+
1 row in set (0.00 sec )
Turn on the audit function:
mysql> SET GLOBAL audit_json_file=ON;
Query OK, 0 rows affected (0.00 sec)
You can view the configurable parameters of the plugin:
mysql> SHOW GLOBAL VARIABLES LIKE '%audi%'; For
detailed parameter description, you can directly visit the official description:
https://github.com/mcafee/mysql-audit/wiki/Configuration
Finally, in order to ensure that the database is restarted and the configuration is not lost, modify the my.cnf configuration file and add the following configuration to [mysqld], so add parameters to my.cnf in the configuration file:
audit_json_file=on #Ensure that the plugin is automatically started after mysql restarts
plugin-load=AUDIT=libaudit_plugin.so #Prevent the plugin from being deleted, and it will be loaded after restarting
audit_record_cmds='insert,delete,update,create,drop,alter,grant,truncate' #Which command statements to record, because all records are recorded by default Operation;
save and restart to see the effect.
Other recommended good articles about this plugin:
https://www.percona.com/blog/2015/06/09/auditing-mysql-with-mcafee-and-mongodb/
https://www.omgdba.com/mysql- audit-plugin-now-available-in-percona-server-5-5-and-5-6.html
Audit log plugin for MYSQL
Guess you like
Origin http://43.154.161.224:23101/article/api/json?id=326511308&siteId=291194637
Recommended
Ranking