Audit_log_filter component and MySQL 8.4

IGGt · February 13, 2025, 4:21pm

The old Percona Audit Log plugin works fine with MySQL 8.0. Does anyone know if the new audit_log_filter component works with MySQL 8.4?

I’ve been trying to install it and it doesn’t seem to install properly. Just wanting to check if it is me, or if it simply isn’t compatible with MySQL anymore.

anil.joshi · February 15, 2025, 4:35pm

@IGGt

It seems by default the plugin is not available with Percona Server for MySQL - 8.4

mysql> INSTALL PLUGIN audit_log SONAME 'audit_log.so';
ERROR 1126 (HY000): Can't open shared library '/usr/lib64/mysql/plugin/audit_log.so' (errno: 11 /usr/lib64/mysql/plugin/audit_log.so: cannot open shared object file: No such file or directory)

Are you using the Percona Server for MySQL or the Upstream(Oracle) 8.4 ?

Well for the upstream also you can copy the audit_log.so file
separately - Using the Percona Audit Logging Plugin on MySQL Community 8.0.x and make it work with the INSTALL PLUGIN ...

As far as audit_log_filter is concerned it should support - Install the Audit Log Filter - Percona Server for MySQL

Can you please let us know exactly what error or issue you are facing to better understand the scenario ?

IGGt · March 10, 2025, 3:02pm

At present I am using (Oracle) MySQL 8.0 (community) with the Percona Audit Log plugin. I am looking to upgrade to (Oracle) MySQL 8.4 (community) but require a working audit log plugin. As you say it doesn’t appear to be available in the Percona for MySQL 8.4 editions. I will have another look at the Percona Audit Log filter plugin to see if that works (although from previous testing it seems that it doesn’t).

IGGt · March 11, 2025, 2:16pm

So, I though maybe it’s because I have MySQL 8.4 and Percona are on 8.3. So I installed a copy of Percona Server for MySQL (8.4.3-3) and followed the instructions on the website (Audit Log Filter overview - Percona Server for MySQL). And it still doesn’t work.
I set up the two tables and populated them with:
insert into audit_log_filter (filter_id, name, filter) values (1, 'all events', '{"filter": { "log": true }}');
insert into audit_log_filter (username, userhost, filtername) values ('%', '%', 'all events');

I then restarted MySQL to make sure, and created a new user / schema / tables / logged out and back in with the new user etc.

And all I have in the log is:
[ { "timestamp": "2025-03-11 14:03:20", "id": 0, "class": "audit", "event": "audit", "server_id": 1 }#

Clearly there is some issue with it !!!
I’m just wondering has anyone made it work, and if so how ???

As a side note, I also just tried installing the original audit_log plugin (audit_log.so), that was bundled with MySQL 8.4.3-3.
It also doesn’t work. It just gives an error

Error Code: 1126. Can’t open shared library `/usr/lib/mysql/plugin/audit_log.so’ (errno: 0 /usr/lib/mysql/plugin/audit_log.so: undefined symbol: my_thread_init)

I guess that wasn’t tested either.

IGGt · March 12, 2025, 8:41am

Bug Raised for the standard audit_log not installing - Jira

Matias_Sanchez1 · March 12, 2025, 4:32pm

@IGGt
Based on Percona’s official documentation (Upgrade Components - Percona Server 8.4), the old audit_log plugin has been removed in MySQL 8.4, and the recommended replacement is the audit_log_filter component.

Regarding your setup, the issue likely stems from how the filter is applied. Instead of inserting values directly into audit_log_filter and audit_log_user tables, you should use the built-in functions:

SELECT audit_log_filter_set_filter('log_all', '{"filter": {"log": true}}');
SELECT audit_log_filter_set_user('%', 'log_all');

This ensures that MySQL properly registers the filter.

For more details, I recommend this blog

Hope this helps

IGGt · March 13, 2025, 9:18am

That makes no difference either. I re-installed the audit_log_filter from scratch, configured it as per above. I then ran a selection of queries using two different accounts, and still nothing appears in the audit log.

IGGt · March 13, 2025, 1:10pm

I also installed Percona Server for MySQL 8.0 (8.0.41-32), and followed the instructions to install the audit_log_filter plugin Audit Log Filter overview - Percona Server for MySQL.
And it still doesn’t work. The result is exactly the same. The log contains one entry from when the server starts, and then nothing else ever gets added.

dba_S4dscjz · March 14, 2025, 9:43am

Hello @IGGt ,

There is a bug with audit_log_filter plugin discussed here : Strange behaviour with Audit Log Filter component.
So maybe your case matches the behaviour describes in this thread.

Note that fix has been made and included to Percona release 8.4.4 but this version is not released yet (this is planned for Q1 2025).

IGGt · March 14, 2025, 3:03pm

Cheers, it looks like it may indeed be related. If I set up a filter for a specific user rather than all users, I get data in the log file.

SELECT audit_log_filter_set_user('test@localhost', 'log_all');

I will wait for the new version and go from there,

Topic		Replies	Views
Audit_log_filter plugin not working with mysql 8.0.36 Percona Server for MySQL 8.0 mysql	2	616	March 19, 2024
Audit Log no longer works with MySQL 5.7 ? Percona Monitoring Plugins	1	2390	June 13, 2018
Audit plugin for percona server for mysql innovation Percona Distribution for MySQL	1	157	June 24, 2024
Strange behaviour with Audit Log Filter component Percona Server for MySQL 8.0	14	104	February 28, 2025
Percona Audit log issue with update cammand_class MySQL & MariaDB mysql	7	879	August 10, 2021

Audit_log_filter component and MySQL 8.4

Related topics