How to skip select or all read operation in audit_log_filter in percona 8.4

dba_S4dscjz · May 16, 2025, 8:02am

The plugin component records log messages by “class” and the class that captures the queries doesn’t display the username who is running the queries but displays a connection identifier. You therefore need at least 2 classes in your filter definition to do what your’re looking for.

May be you can test this filter :

{
  "filter": {
    "class": [
      { "name": "connection", "log": true },
      {
        "name": "query",
        "event": {
          "name": ["start", "status_end"],
          "log": {
            "not": {
              "or": [
                { "function": {
                  "name": "string_find",
                  "args": [{"string": {"field": "sql_command_id"}}, {"string": {"string": "show_"}}]
                }},
                { "field": { "name": "sql_command_id", "value": "select"} }
              ]
            }
          }
        }
      }
    ]
  }
}

Topic		Replies	Views
Audit Log Plugin - System Variables Other MySQL® Questions	2	672	June 13, 2014
Write audit_log_filter definitons Percona Server for MySQL 8.0	4	149	April 25, 2025
query condition didn't get logged in slow query log Other MySQL® Questions	1	406	August 16, 2007
pt-query-digest how to use for a specific database only to analyse slow query log Percona Toolkit	2	4411	December 5, 2012
Defining rules for audit log filter component (v8.0 / 8.4) Percona Server for MySQL 8.0	2	180	May 7, 2025

How to skip select or all read operation in audit_log_filter in percona 8.4

Related topics