MySQL Audit Log Audit

First, Introduction

The database audit can record the database activity on the network in real time, carry on the fine-grained audit compliance management to the database operation, alarm the risk behavior of the database, block the attack behavior, and use it to record, analyze and report the behavior of the user Access database, to help the user to generate the compliance report afterwards, The accident traced, simultaneously strengthened the internal and external database network behavior record, enhances the data asset security.

MySQL Enterprise Edition has this feature, which belongs to the toll component, this beta social version uses third party open source plugins.

Two

Https://bintray.com/mcafee/mysql-audit-plugin/release/1.1.4-725#files

[Email protected] soft]# Unzip Audit-plugin-mysql-5.7-1.1.4-725-linux-x86_64.zip

CP libaudit_plugin.so/usr/local/mysql/lib/plugin/

Chown-r Mysql.mysql libaudit_plugin.so

Chmod-r 755 libaudit_plugin.so

Third, the command line installation operation and error resolution

mysql> INSTALL PLUGIN AUDIT SONAME ' libaudit_plugin.so ';

ERROR (HY000): file ' mysqld ' not found (Errcode:2-No such File or directory)

mysql> INSTALL PLUGIN AUDIT SONAME '/opt/mysql/mysql-5.7.22-linux-glibc2.12-x86_64/lib/plugin/libaudit_plugin.so ‘;
ERROR 1124 (HY000): No paths allowed for shared library

Solution:

Reference 78827375

See if plug-in features are turned on

#show variables like ""%audit%;

To turn on plugin functionality:

Set global audit_json_file=1;

In the MySQL data directory, an extra Mysql-audit.json audit log will be given.

Viewing the Mysql-audit.json file, you can find the user name and IP address of the operation SQL statement, which provides a good monitoring effect on the operational database.

MySQL Audit Log Audit