6、 MySQL安全之审计管理
审计:记录你的操作,方便以后查证据,但是生产环境数据库本身不建议开启,影响性能,但可以使用第三方审计
6.1 开源审计功能 mysql Audit Pluging
mysq15.7企业版自带审计功能,需要付费
社区版可以用开源的 mysqL Audit Pluging( McAfee提供的)
下载地址:
https://github.com/mcafee/mysql-audit
涉及参数:
audit_json_file = on
plugin-load = AUDIT=libaudit_plugin.so
audit_record_cmds = 'insert,delete,update,create,drop,alter,grant,truncate'
audit_json_log_file = /var/log/mysql/mysql-audit.json
audit_offsets = 7824, 7872, 3632, 4792, 456, 360, 0, 32, 64, 160, 536, 7988, 4360, 3648, 3656, 3660, 6072, 2072, 8, 7056, 7096, 7080, 13464, 148, 672
不设置 audit_record_cmds 参数,所有的DDL,DML全记录
https://github.com/mcafee/mysql-audit
https://bintray.com/mcafee/mysql-audit-plugin/release/1.1.7-866
https://bintray.com/mcatee/mysql-audit-plugin/release
mysql root@localhost:auditdb> show global variables like 'plugin_dir';
+---------------+--------------------------+
| Variable_name | Value |
+---------------+--------------------------+
| plugin_dir | /usr/lib64/mysql/plugin/ |
+---------------+--------------------------+
https://bintray.com/mcafee/