mysql 8.0 审计_MySQL8.0-MySQLEnterpriseAudit

#####################################

MySQL8.0-MySQL Enterprise Audit

#####################################

Note

If installed, the audit_log plugin involves some minimal

overhead even when disabled.

To avoid this overhead, do not install MySQL Enterprise Audit

unless you plan to use it.

The available scripts differ in the suffix used to refer to

the plugin library file:

audit_log_filter_win_install.sql: Choose this script for

Windows systems that use .dll as the file name suffix.

audit_log_filter_linux_install.sql: Choose this script for

Linux and similar systems that use .so as the file name

suffix.

Table 6.33 Audit Log Option and Variable Reference

---------------------------------------------------------

Name Cmd-Line Option File System Var Status Var Var Scope

Dynamic

audit-log Yes Yes

audit_log_buffer_size Yes Yes Yes Global No

audit_log_connection_policy Yes Yes Yes Global Yes

audit_log_current_session Yes Both No

Audit_log_current_size Yes Global No

Audit_log_event_max_drop_size Yes Global No

Audit_log_events Yes Global No

Audit_log_events_filtered Yes Global No

Audit_log_events_lost Yes Global No

Audit_log_events_written Yes Global No

audit_log_exclude_accounts Yes Yes Yes Global Yes

audit_log_file Yes Yes Yes Global No

audit_log_flush Yes Global Yes

audit_log_format Yes Yes Yes Global No

audit_log_include_accounts Yes Yes Yes Global Yes

audit_log_policy Yes Yes Yes Global No

audit_log_rotate_on_size Yes Yes Yes Global Yes

audit_log_statement_policy Yes Yes Yes Global Yes

audit_log_strategy Yes Yes Yes Global No

Audit_log_total_size Yes Global No

Audit_log_write_waits Yes Global No

-----------------Before audit log

mysql> SHOW global VARIABLES LIKE '%audit%';

Empty set, 1 warning (0.04 sec)

mysql>

mysql> SELECT PLUGIN_NAME, PLUGIN_STATUS FROM

INFORMATION_SCHEMA.PLUGINS

WHERE PLUGIN_NAME LIKE 'audit%';

Empty set (0.06 sec)

-----------------Startup audit log

shell> mysql -u root -p <

audit_log_filter_linux_install.sql

Enter password: (enter root password here)

mysql>

mysql> source

e:\mysql\share\audit_log_filter_win_install.sql

Database changed

Query OK, 0 rows affected (2.33 sec)

Query OK, 0 rows affected (1.13 sec)

Query OK, 0 rows affected (0.65 sec)

Query OK, 0 rows affected (0.16 sec)

Query OK, 0 rows affected (0.06 sec)

Query OK, 0 rows affected (0.14 sec)

Query OK, 0 rows affected (0.07 sec)

Query OK, 0 rows affected (0.07 sec)

Query OK, 0 rows affected (0.12 sec)

Query OK, 0 rows affected (0.07 sec)

Query OK, 0 rows affected (0.07 sec)

Query OK, 0 rows affected (0.16 sec)

+--------+

| Result |

+--------+

| OK |

+--------+

1 row in set (0.00 sec)

mysql>

mysql>

mysql> SHOW global VARIABLES LIKE '%audit%';

+-----------------------------+--------------+

| Variable_name |

Value |

+-----------------------------+--------------+

| audit_log_buffer_size | 1048576 |

| audit_log_compression | NONE |

| audit_log_connection_policy | ALL |

| audit_log_current_session | OFF |

| audit_log_encryption | NONE |

| audit_log_exclude_accounts | |

| audit_log_file | audit.log |

| audit_log_filter_id |

0 |

| audit_log_flush | OFF |

| audit_log_format | NEW |

| audit_log_include_accounts | |

| audit_log_policy | ALL |

| audit_log_read_buffer_size |

1048576 |

| audit_log_rotate_on_size | 0 |

| audit_log_statement_policy |

ALL |

| audit_log_strategy |

ASYNCHRONOUS |

+-----------------------------+--------------+

16 rows in set, 1 warning (0.01 sec)

mysql>

mysql> SELECT PLUGIN_NAME, PLUGIN_STATUS FROM

INFORMATION_SCHEMA.PLUGINS

-> WHERE

PLUGIN_NAME LIKE 'audit%';

+-------------+---------------+

| PLUGIN_NAME | PLUGIN_STATUS |

+-------------+---------------+

| audit_log |

ACTIVE |

+-------------+---------------+

1 row in set (0.00 sec)

mysql>

-----------------Configure audit log

mysql> SELECT audit_log_filter_set_filter('log_all', '{

"filter": { "log": true

} }');

+-------------------------------------------------------------------------+

| audit_log_filter_set_filter('log_all', '{ "filter": { "log":

true } }') |

+-------------------------------------------------------------------------+

| OK |

+-------------------------------------------------------------------------+

1 row in set (0.19 sec)

mysql>

mysql>

mysql>

mysql> SELECT audit_log_filter_set_user('%',

'log_all');

+-------------------------------------------+

| audit_log_filter_set_user('%', 'log_all') |

+-------------------------------------------+

| OK |

+-------------------------------------------+

1 row in set (0.23 sec)

mysql>

SELECT * FROM audit_log_filter;

SELECT * FROM audit_log_user;

-----------------Remove audit log

MySQL Enterprise Audit remains installed until uninstalled. To

remove it, execute the following statements:

DROP TABLE IF EXISTS mysql.audit_log_filter;

DROP TABLE IF EXISTS mysql.audit_log_user;

UNINSTALL PLUGIN audit_log;

DROP FUNCTION audit_log_filter_set_filter;

DROP FUNCTION audit_log_filter_remove_filter;

DROP FUNCTION audit_log_filter_set_user;

DROP FUNCTION audit_log_filter_remove_user;

DROP FUNCTION audit_log_filter_flush;

DROP FUNCTION audit_log_encryption_password_get;

DROP FUNCTION audit_log_encryption_password_set;

DROP FUNCTION audit_log_read;

DROP FUNCTION audit_log_read_bookmark;