One of the security requirement is to findout when the user is created in MySQL instances. Unfortunately, the user table (mysql.user) does not have any column to capture this information.
Is there any better solution available in Percona MySQL Server 8.0 to capture the user creation date?
An early reply is highly appreciated.
Thank you
Hello @Ramasamy,
Your best option is to use the audit plugin; that’s basically why this plugin exists, to do security audits. You can then send all the data into something like Loki or ELK and create alarms on specific events that happen in your MySQL server.
Unfortunately, we don’t have any enterprise login mechanism like ELK, ELP, Loki… Our security team is asking is there any way we can store it in the database?
If you’re using Percona Monitoring and Management, then you can use Loki.
Otherwise, since the audit logs are generated as files, you can simply grep for events and create alerts with wrapper scripts. There’s no ability to log actions taken against MySQL, in MySQL.
I’m not sure if it’s possible, but maybe you could add a trigger to the user table?
MySQL triggers; https://dev.mysql.com/doc/refman/8.0/en/trigger-syntax.html
Triggers are a possibility, however, it would not be advisable to add triggers to a system table. Either future upgrades will fail because the schema of the system table is different, or the trigger will be deleted on upgrade and need to be readded each time.
@matthewb Oh of course you’re right! That’s a good point.
Is there any possibility of adding this column to the table “mysql.user” by Percona or Oracle? If yes, any ETA?
@Ramasamy You can open a feature request at https://jira.percona.com/ If you’d like to sponsor the development, I can put you in contact with our team. Otherwise, the request will get added to our roadmap list, and prioritized accordingly.
Unanswered | Unsolved | Solved
MySQL, InnoDB, MariaDB and MongoDB are trademarks of their respective owners.
Copyright © 2006 - 2024 Percona LLC. All rights reserved.