Secilog 1.18 released: adds MySQL audit, multiple Web reports, and more

Source: Internet
Author: User

The log analysis software Secilog 1.18 has been released. It adds MySQL database auditing, several new Web reports, and friendlier log queries. For the earlier features, see the previous article on 1.17. This upgrade mainly adds the following features:

Added MySQL database audit

There are several ways to audit MySQL. A common one is to analyze MySQL's binlog, but binlog analysis cannot be done in real time, and because the binlog content is binary, a third-party system is needed to analyze it. Another common way is to analyze MySQL requests with a sniffer, and we mainly use a sniffer to analyze MySQL logs.

Sniffer-based MySQL collection requires installing an agent. The agent source is located at: https://github.com/zhulinu/secimysql

After downloading, compile the agent, and once compilation is complete, configure syslog. Add a line to /etc/rsyslog.conf:

local0.* @ip

The rule for /var/log/messages must also be modified, otherwise the records are logged twice. Change

*.info;mail.none;authpriv.none;cron.none    /var/log/messages

to the following:

*.info;mail.none;authpriv.none;cron.none;local0.none    /var/log/messages

Then start listening in the background:

nohup ./mysqlsniffer eth0 --port 3306 --no-mysql-hdrs &
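As an added example (not part of Secilog or its agent), the shell function below checks an rsyslog configuration file for the two changes described above: a rule that forwards local0 to a remote host, and the local0.none exclusion on the /var/log/messages rule. The function name and the sample address 192.0.2.10 (standing in for "ip") are assumptions.

```shell
#!/bin/sh
# check_local0_rules FILE
# Prints one finding per line. Returns 0 when FILE forwards local0 to a
# remote host and keeps local0 out of /var/log/messages, 1 otherwise.
check_local0_rules() {
    awk '
        /^[ \t]*(#|$)/ { next }      # skip comments and blank lines
        NF < 2 { next }              # not a "selector action" rule
        {
            sel = $1; act = $NF
            # Forwarding rule: local0 (or any facility) sent to @host or @@host.
            if (sel ~ /(^|;)(local0|\*)\./ && sel !~ /local0\.none/ && act ~ /^@/)
                forward = 1
            # A wildcard-facility rule for /var/log/messages also catches
            # local0 unless the selector carries local0.none.
            if (act ~ /^-?\/var\/log\/messages$/ && sel ~ /(^|;)\*\./ &&
                sel !~ /(^|;)local0\.none(;|$)/) {
                print "DUPLICATE: line " NR " writes local0 to /var/log/messages"
                dup = 1
            }
        }
        END {
            if (!forward) print "MISSING: no local0 forwarding rule"
            exit (forward && !dup) ? 0 : 1
        }
    ' "$1"
}

# Constructed sample: the configuration before the local0.none change.
sample=$(mktemp)
printf '%s\n' 'local0.* @192.0.2.10' \
    '*.info;mail.none;authpriv.none;cron.none    /var/log/messages' > "$sample"
check_local0_rules "$sample" || echo "rsyslog configuration needs attention"
rm -f "$sample"
```

On a real host, pass /etc/rsyslog.conf as the argument and restart rsyslog after correcting any finding.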

MySQL auditing is now configured. Let's look at the audit results:

View details:

It can identify logins, logouts, queries and other information.

Added Web reports

Four more reports were added on top of the previous six: browser distribution, operating system distribution, file type distribution, and crawler distribution. The system also audits the operating system type, and for mobile browsers it identifies QQ Browser and UC Browser, two that are widely used in China. For mobile access it also identifies the phone model and manufacturer. At present, because of limited samples, it identifies Meizu, LG, Apple, Samsung and several other phones, and more will be added gradually.

The following is a report overview.

In more detail, the additions to the Web access reports are as follows:

Optimizing Log Queries

A detailed field query was added so that entering conditions is more convenient.

Basic help for queries was added. When the user clicks an IP, the system automatically looks up the IP address information for the user to view.

The above is the main content of the upgrade. Some bugs were also fixed, which are not listed here.

Everyone is welcome to download and use it. The download address is unchanged: http://pan.baidu.com/s/1qWt7Hxi.

The next version plans to add auditing of SFTP, FTP, Squid and others, and will continue to optimize the Web reports. Please look forward to it.
