With the new audit filter plugin introduced in Percona MySQL Server 8.4.x, is it possible to extract the user connection details and DDL statements into a MySQL table in Percona MySQL 8.4.7 for our Security reports (daily logins, dropped users, users executed DDL statements, etc) and adhoc queries required by Security team?
You can set the required filter using the function audit_log_filter_set_filter() mentioned here: Filter the Audit Log Filter logs - Percona Server for MySQL. However, I don’t see any direct way to have the information in the table as well. You might need to read from the audit log file and ingest it into the target table. I’ll check more about this internally and get back to you.
This function, when provided with a filter name and definition, adds the filter.
Audit log filter functions, options, and variables - Percona Server for MySQL
This function assigns the filter to the selected user account.
Audit log filter functions, options, and variables - Percona Server for MySQL
Currently, these formats - Overview - Percona Server for MySQL are available.