For Mysql Enterprise Audit plugin, auditplugin
As in the previous article, if you want to know who has logged on to your database server and what has been done, you need to use Mysql Enterprise Audit plugin.
The following describes how to use Mysql Enterprise Audit plugin:
Method 1:
1. Find audit_log.so in your MySQL installation directory. I am in the/usr/lib/mysql/plugin/directory.
2. Add plugin-load = audit_log.so to your my. cnf file so that MySQL starts the audit log function at startup. Generally, you will add an audit-log = FORCE_PLUS_PERMANENT below to check whether the audit log is initialized when the server is enabled. That is to say, if the audit log is not enabled, the server will not start.
Method 2:
1. The first step is generic.
2. In your MySQL use, you can use the install plugin command to add the audit function:
Mysql> install plugin audit_log SONAME 'audit _ log. so ';
After Mysql Enterprise Audit plugin is started, let's take a look at the log Content:
By default, MySQL audit logs exist in/var/lib/mysql/audit. log
<AUDIT_RECORD TIMESTAMP = "2015-07-21T08: 00: 27 UTC" RECORD_ID = "6130_2015-07-21T07: 56: 43 "NAME =" Query "CONNECTION_ID =" 3 "STATUS =" 0 "STATUS_CODE =" 0 "USER =" root [root] @ localhost [] "OS _LOGIN =" "HOST = ""localhost" IP = "" COMMAND_CLASS = "show_tables" SQLTEXT = "show tables"/>
<AUDIT_RECORD TIMESTAMP = "2015-07-21T08: 00: 38 UTC" RECORD_ID = "6__2015-07-21t07: 56: 43 "NAME =" Query "CONNECTION_ID =" 3 "STATUS =" 0 "STATUS_CODE =" 0 "USER =" root [root] @ localhost [] "OS _LOGIN =" "HOST = ""localhost" IP = "" COMMAND_CLASS = "select" SQLTEXT = "select * from final"/>
Copyright Disclaimer: This article is an original article by the blogger and cannot be reproduced without the permission of the blogger.