Audit Log Filtering Issue

Hi,
We have been trying to use the audit log plugin for our use case but even after setting the required parameters for filtration, the audit plugin is logging everything into the log files. Its not filtering out anything at the moment which is a big issue for us at the moment.

The configuration that we are using for the audit log plugin looks like this:

plugin-load-add=audit_log.so
audit_log_file=/var/log/mysql/audit.log
audit_log_policy = QUERIES
audit_log_format=JSON
audit_log_include_databases=db_name
audit_log_exclude_commands=show_variables,show_engine_status,show_status,show_processlist,show_tables,show_table_status,show_fields,show_create_table,show_databases,show_storage_engines,PING,ping,select,set_option,reset_connection,show_function_status

Even with this configuration we are still seeing the select queries and ping statements etc and most of the statements are not specific to our database that we want to monitor. The audit log is logging the statements of all the database which should ideally not happen.

Hi @Tanmay129,
The audit log plugin is deprecated. Can you switch to the audit log component? The component is actively developed by our team.

The other recommendation I have is to reduce audit_log_exclude_commands to just 1 and check that works. Then add 1 more filter, and confirm. Repeat this until you have all your filters. There is a possible bug that an invalid entry in this list makes the entire list invalid, so test each filter.