About the use of MySQL Enterprise Audit plugin

As seen earlier in an article, the false idea is to know who landed your database server and what you did, then you need to use Mysql Enterprise Audit plugin.

The following describes the use of Mysql Enterprise Audit plugin:

Method One:

1. Find audit_log.so in your MySQL installation folder. Mine is under the/usr/lib/mysql/plugin/folder.

2. Add plugin-load=audit_log.so to your my.cnf file to enable MySQL to start the audit log function at startup. In general, you will also add a audit-log=force_plus_permanent this is to let the server open when the monitor audit log initialization. Other words. Assume that the audit log is not enabled. Then the server is not started.

Method Two:

1, the first step is universal

2, in your MySQL use can use the Install plugin command to join the audit function:

mysql> INSTALL PLUGIN audit_log SONAME ' audit_log.so ';

Started Mysql Enterprise Audit plugin Let's take a look at the log content:

By default, the MySQL audit log is stored in/var/lib/mysql/audit.log

<audit_record timestamp= "2015-07-21t08:00:27 UTC" record_id= "6130_2015-07-21t07:56:43" NAME= "Query" CONNECTION_ Id= "3" status= "0" status_code= "0" user= "root[root" @ localhost [] "os_login=" "host=" localhost "ip=" "command_class=" Show_tables "sqltext=" Show Tables "/>
<audit_record timestamp= "2015-07-21t08:00:38 UTC" record_id= "6131_2015-07-21t07:56:43" NAME= "Query" CONNECTION_ Id= "3" status= "0" status_code= "0" user= "root[root" @ localhost [] "os_login=" "host=" localhost "ip=" "command_class=" Select "Sqltext=" SELECT * from final "/>

About the use of MySQL Enterprise Audit plugin