Percona Audit Log

Hello;

I am using Percona’s Audit Log plugin and I have configured it, but it only logs user logins to the log file. However, I want to log all users’ DELETE, UPDATE, and INSERT operations, including both existing and newly created users. How can I achieve this?

@matthewb

Please show the configuration, SHOW GLOBAL variables LIKE 'audit%';. Also, have you read through our extensive documentation for this plugin?

mysql> SHOW GLOBAL variables LIKE 'audit%';
+-----------------------------+----------------------+
| Variable_name               | Value                |
+-----------------------------+----------------------+
| audit_log_buffer_size       | 1048576              |
| audit_log_exclude_accounts  | mysql,sys            |
| audit_log_exclude_commands  |                      |
| audit_log_exclude_databases |                      |
| audit_log_file              | audit.log            |
| audit_log_flush             | OFF                  |
| audit_log_format            | JSON                 |
| audit_log_handler           | FILE                 |
| audit_log_include_accounts  |                      |
| audit_log_include_commands  | INSERT,DELETE,UPDATE |
| audit_log_include_databases |                      |
| audit_log_policy            | ALL                  |
| audit_log_rotate_on_size    | 0                    |
| audit_log_rotations         | 0                    |
| audit_log_strategy          | ASYNCHRONOUS         |
| audit_log_syslog_facility   | LOG_USER             |
| audit_log_syslog_ident      | percona-audit        |
| audit_log_syslog_priority   | LOG_INFO             |
+-----------------------------+----------------------+
18 rows in set (0.01 sec)

Yes, I have read and adjusted accordingly.

This looks incorrect, as mysql and sys are both databases, not user accounts. Move these to audit_log_exclude_databases.

Your values for audit_log_include_commands are incorrect. The values for this parameter are not SQL, they are the internal command calls.

Run this SELECT name FROM performance_schema.setup_instruments WHERE name LIKE "statement/sql/%" ORDER BY name; to see all the command names. Strip off the first part of 'statement/sql/' and use just the base part in the setting.
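The two corrections from the reply above, written out as one session. This is an added example, not part of the original thread; the REGEXP pattern, the inclusion of REPLACE, and the user variable `@dml_commands` are assumptions made for illustration.

```sql
-- Added example. Assumption: "INSERT, UPDATE, DELETE" should also cover the
-- multi-table, INSERT ... SELECT and REPLACE variants, which are separate
-- internal command names and would otherwise go unlogged.

-- 1. List the matching command names with the 'statement/sql/' prefix stripped.
SELECT SUBSTRING_INDEX(name, '/', -1) AS command_name
FROM performance_schema.setup_instruments
WHERE name LIKE 'statement/sql/%'
  AND SUBSTRING_INDEX(name, '/', -1) REGEXP '^(insert|update|delete|replace)'
ORDER BY name;

-- 2. Build the comma-separated value for the setting from the same rows.
SELECT GROUP_CONCAT(SUBSTRING_INDEX(name, '/', -1) ORDER BY name SEPARATOR ',')
INTO @dml_commands
FROM performance_schema.setup_instruments
WHERE name LIKE 'statement/sql/%'
  AND SUBSTRING_INDEX(name, '/', -1) REGEXP '^(insert|update|delete|replace)';

SELECT @dml_commands;  -- review the list before applying it

-- 3. mysql and sys are databases, so move them from the account filter
--    to the database filter, then apply the command filter.
SET GLOBAL audit_log_exclude_accounts  = NULL;
SET GLOBAL audit_log_exclude_databases = 'mysql,sys';
SET GLOBAL audit_log_include_commands  = @dml_commands;

-- 4. Confirm the running values.
SHOW GLOBAL VARIABLES LIKE 'audit_log_%clude_%';
```

SET GLOBAL does not survive a server restart, so put the same values in the server configuration file once the log shows the expected entries.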