mysql伪劣记行_mysql行为审记

插件源码地址

https://github.com/mcafee/mysql-audit

插件安装方法

https://github.com/mcafee/mysql-audit/wiki/Installation

插件下载地址

https://bintray.com/mcafee/mysql-audit-plugin/release/1.0.9-585

1、查看mysql插件存放目录

mysql> SHOW GLOBAL VARIABLES LIKE 'plugin_dir';

+---------------+-----------------------------------+

| Variable_name | Value |

+---------------+-----------------------------------+

| plugin_dir | /usr/local/mysql/lib/plugin/ |

+---------------+-----------------------------------+

1 row in set (0.01 sec)

2、复制libaudit_plugin.so 至 mysql插件目录

mv libaudit_plugin.so /usr/local/mysql/lib/plugin/

chmod a+x /usr/local/mysql/lib/plugin/*

chown mysql:mysql /usr/local/mysql/lib/plugin/*

3、安装插件

初使使用在线安装,但是安装失败

mysql> INSTALL PLUGIN AUDIT SONAME 'libaudit_plugin.so';

ERROR 1524 (HY000): Plugin 'AUDIT' is not loaded

然后使用修改配置,然后重启数据库,官方推荐使用修改配置方式安装。

Note: On production systems, McAfee recommends using the plugin-load option for installing the audit plugin.

修改my.cnf文件,添加加载审计插件代码

plugin-load=AUDIT=libaudit_plugin.so

audit_json_file=1

audit_force_record_logins=1

audit_json_file_sync=1

audit_whitelist_users=test2,test1 #不记录行为的用户

audit_whitelist_cmds =BEGIN,COMMIT,SELECT  #这个参数看需要要不要设,过滤掉查询的

重启数据库

/etc/init.d/mysql.server restart

[root@localhost mysql]# tail mysql-audit.json

{"msg-type":"activity","date":"1490176712103","thread-id":"3","query-id":"0","user":"root","priv_user":"root","host":"localhost","cmd":"Connect","query":"Connect"}

{"msg-type":"activity","date":"1490176712106","thread-id":"3","query-id":"11","user":"root","priv_user":"root","host":"localhost","cmd":"select","query":"select @@version_comment limit 1"}

{"msg-type":"activity","date":"1490176724747","thread-id":"3","query-id":"12","user":"root","priv_user":"root","host":"localhost","cmd":"select","query":"SELECT DATABASE()"}

{"msg-type":"activity","date":"1490176724748","thread-id":"3","query-id":"13","user":"root","priv_user":"root","host":"localhost","cmd":"Init DB","objects":[{"db":"test","obj_type":"DATABASE"}],"query":"Init DB"}

{"msg-type":"activity","date":"1490176724754","thread-id":"3","query-id":"14","user":"root","priv_user":"root","host":"localhost","cmd":"show_databases","objects":[{"db":"information_schema","name":"/tmp/#sql_a6c_0","obj_type":"TABLE"}],"query":"show databases"}

{"msg-type":"activity","date":"1490176724769","thread-id":"3","query-id":"15","user":"root","priv_user":"root","host":"localhost","cmd":"show_tables","objects":[{"db":"information_schema","name":"/tmp/#sql_a6c_0","obj_type":"TABLE"}],"query":"show tables"}

{"msg-type":"activity","date":"1490176724771","thread-id":"3","query-id":"16","user":"root","priv_user":"root","host":"localhost","cmd":"show_fields","query":"show_fields"}

{"msg-type":"activity","date":"1490176753954","thread-id":"3","query-id":"17","user":"root","priv_user":"root","host":"localhost","cmd":"show_tables","objects":[{"db":"information_schema","name":"/tmp/#sql_a6c_0","obj_type":"TABLE"}],"query":"show tables"}

{"msg-type":"activity","date":"1490176769225","thread-id":"3","query-id":"18","user":"root","priv_user":"root","host":"localhost","cmd":"select","objects":[{"db":"test","name":"t1","obj_type":"TABLE"}],"query":"select * from t1"}

{"msg-type":"activity","date":"1490176779812","thread-id":"3","query-id":"19","user":"root","priv_user":"root","host":"localhost","cmd":"Quit","query":"Quit"}

  • 0
    点赞
  • 0
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值