Audit_log_filter component and MySQL 8.4

The old Percona Audit Log plugin works fine with MySQL 8.0. Does anyone know if the new audit_log_filter component works with MySQL 8.4?

I’ve been trying to install it and it doesn’t seem to install properly. Just wanting to check if it is me, or if it simply isn’t compatible with MySQL anymore.

@IGGt

It seems by default the plugin is not available with Percona Server for MySQL - 8.4

mysql> INSTALL PLUGIN audit_log SONAME 'audit_log.so';
ERROR 1126 (HY000): Can't open shared library '/usr/lib64/mysql/plugin/audit_log.so' (errno: 11 /usr/lib64/mysql/plugin/audit_log.so: cannot open shared object file: No such file or directory)

Are you using the Percona Server for MySQL or the Upstream(Oracle) 8.4 ?

Well for the upstream also you can copy the audit_log.so file
separately - Using the Percona Audit Logging Plugin on MySQL Community 8.0.x and make it work with the INSTALL PLUGIN ...

As far as audit_log_filter is concerned it should support - Install the Audit Log Filter - Percona Server for MySQL

Can you please let us know exactly what error or issue you are facing to better understand the scenario ?

At present I am using (Oracle) MySQL 8.0 (community) with the Percona Audit Log plugin. I am looking to upgrade to (Oracle) MySQL 8.4 (community) but require a working audit log plugin. As you say it doesn’t appear to be available in the Percona for MySQL 8.4 editions. I will have another look at the Percona Audit Log filter plugin to see if that works (although from previous testing it seems that it doesn’t).

So, I though maybe it’s because I have MySQL 8.4 and Percona are on 8.3. So I installed a copy of Percona Server for MySQL (8.4.3-3) and followed the instructions on the website (Audit Log Filter overview - Percona Server for MySQL). And it still doesn’t work.
I set up the two tables and populated them with:
insert into audit_log_filter (filter_id, name, filter) values (1, 'all events', '{"filter": { "log": true }}');
insert into audit_log_filter (username, userhost, filtername) values ('%', '%', 'all events');

I then restarted MySQL to make sure, and created a new user / schema / tables / logged out and back in with the new user etc.

And all I have in the log is:
[ { "timestamp": "2025-03-11 14:03:20", "id": 0, "class": "audit", "event": "audit", "server_id": 1 }#

Clearly there is some issue with it !!!
I’m just wondering has anyone made it work, and if so how ???

As a side note, I also just tried installing the original audit_log plugin (audit_log.so), that was bundled with MySQL 8.4.3-3.
It also doesn’t work. It just gives an error

Error Code: 1126. Can’t open shared library `/usr/lib/mysql/plugin/audit_log.so’ (errno: 0 /usr/lib/mysql/plugin/audit_log.so: undefined symbol: my_thread_init)

I guess that wasn’t tested either.

Bug Raised for the standard audit_log not installing - Jira

@IGGt
Based on Percona’s official documentation (Upgrade Components - Percona Server 8.4), the old audit_log plugin has been removed in MySQL 8.4, and the recommended replacement is the audit_log_filter component.

Regarding your setup, the issue likely stems from how the filter is applied. Instead of inserting values directly into audit_log_filter and audit_log_user tables, you should use the built-in functions:

SELECT audit_log_filter_set_filter('log_all', '{"filter": {"log": true}}');
SELECT audit_log_filter_set_user('%', 'log_all');

This ensures that MySQL properly registers the filter.

For more details, I recommend this blog

Hope this helps

That makes no difference either. I re-installed the audit_log_filter from scratch, configured it as per above. I then ran a selection of queries using two different accounts, and still nothing appears in the audit log.

I also installed Percona Server for MySQL 8.0 (8.0.41-32), and followed the instructions to install the audit_log_filter plugin Audit Log Filter overview - Percona Server for MySQL.
And it still doesn’t work. The result is exactly the same. The log contains one entry from when the server starts, and then nothing else ever gets added.

Hello @IGGt ,

There is a bug with audit_log_filter plugin discussed here : Strange behaviour with Audit Log Filter component.
So maybe your case matches the behaviour describes in this thread.

Note that fix has been made and included to Percona release 8.4.4 but this version is not released yet (this is planned for Q1 2025).

Cheers, it looks like it may indeed be related. If I set up a filter for a specific user rather than all users, I get data in the log file.

SELECT audit_log_filter_set_user('test@localhost', 'log_all');

I will wait for the new version and go from there,