下文給大家?guī)碛嘘P(guān)Percona Audit Log Plugin實(shí)現(xiàn)對(duì)MySQL 審計(jì)的操作步驟內(nèi)容����,相信大家一定看過類似的文章�。我們給大家?guī)淼挠泻尾煌??一起來看看正文部分吧���,相信看完P(guān)ercona Audit Log Plugin實(shí)現(xiàn)對(duì)mysql 審計(jì)的操作步驟你一定會(huì)有所收獲。
創(chuàng)新互聯(lián)堅(jiān)持“要么做到��,要么別承諾”的工作理念����,服務(wù)領(lǐng)域包括:網(wǎng)站建設(shè)、做網(wǎng)站���、企業(yè)官網(wǎng)���、英文網(wǎng)站、手機(jī)端網(wǎng)站��、網(wǎng)站推廣等服務(wù)�����,滿足客戶于互聯(lián)網(wǎng)時(shí)代的懷寧網(wǎng)站設(shè)計(jì)���、移動(dòng)媒體設(shè)計(jì)的需求��,幫助企業(yè)找到有效的互聯(lián)網(wǎng)解決方案����。努力成為您成熟可靠的網(wǎng)絡(luò)建設(shè)合作伙伴�!
Percona Audit Log Plugin提供對(duì)特定云服務(wù)器上執(zhí)行的連接和查詢活動(dòng)的監(jiān)視和記錄。 有關(guān)活動(dòng)的信息將存儲(chǔ)在XML日志文件中��,其中每個(gè)事件將具有其NAME字段����,其自己的唯一RECORD_ID字段和TIMESTAMP字段。 此實(shí)現(xiàn)是MySQL Enterprise Audit Log Plugin的替代審計(jì)日志插件生成以下事件的日志:Audit - Audit事件表示審計(jì)日志記錄已開始或已完成���。 記錄開始時(shí)NAME字段為Audit����,日志記錄完成時(shí)為NoAudit�����。 審計(jì)記錄還包括云"MYSQL_VERSION"="5.6.17-65.0-655.trusty"
"STARTUP_OPTIONS"="--basedir=/usr --datadir=/var/lib/mysql --plugin-dir=/usr/lib/mysql/plugin --user=mysql --log-error=/var/log/mysql/error.log --pid-file=/var/run/mysqld/mysqld.pid --socket=/var/run/mysqld/mysqld.sock --port=3306"
"OS_VERSION"="x86_64-debian-linux-gnu",
/>
Connect/Disconnect - Connect record event will have NAME field Connect when user logged in or login failed, or Quit when connection is closed. Additional fields for this event are CONNECTION_ID, STATUS, USER, PRIV_USER, OS_LOGIN, PROXY_USER, HOST, and IP. STATUS will be 0 for successful logins and non-zero for failed logins.
Example of the Disconnect event:
"NAME"="Quit"
"RECORD"="24_2014-04-29T09:29:40"
"TIMESTAMP"="2014-04-29T10:20:13 UTC"
"CONNECTION_ID"="49"
"STATUS"="0"
"USER"=""
"PRIV_USER"=""
"OS_LOGIN"=""
"PROXY_USER"=""
"HOST"=""
"IP"=""
"DB"=""
/>
1,安裝:
審核日志插件隨Percona Server一起提供,但默認(rèn)情況下不會(huì)安裝��。要啟用該插件���,您必須運(yùn)行以下命令
INSTALL PLUGIN audit_log SONAME 'audit_log.so';
驗(yàn)證插件是否安裝成功
SHOW PLUGINS;
+--------------------------------+----------+--------------------+--------------+---------+
| Name | Status | Type | Library | License |
+--------------------------------+----------+--------------------+--------------+---------+
...
| audit_log | ACTIVE | AUDIT | audit_log.so | GPL |
+--------------------------------+----------+--------------------+--------------+---------+
2���,日志格式:
審核日志插件支持四種日志格式:OLD,NEW�����,JSON和CSV�。 OLD和NEW格式基于XML,前者將日志記錄屬性輸出為XML屬性����,后者輸出為XML標(biāo)記。 記錄的信息在所有四種格式中都是相同的�。 日志格式選擇由audit_log_format變量控制。
Quit
10902_2014-04-28T11:02:54
2014-04-28T11:02:59 UTC
36
0
3�,實(shí)戰(zhàn):
以下示例顯示添加將受監(jiān)控的用戶
mysql> SET GLOBAL audit_log_include_accounts = 'user1@localhost,root@localhost';
Query OK, 0 rows affected (0.00 sec)
If you you try to add users to both include and exclude lists server will show you the following error:
mysql> SET GLOBAL audit_log_exclude_accounts = 'user1@localhost,root@localhost';
ERROR 1231 (42000): Variable 'audit_log_exclude_accounts' can't be set to the value of 'user1@localhost,root@localhost'
To switch from filtering by included user list to the excluded one or back, first set the currently active filtering variable to NULL:
mysql> SET GLOBAL audit_log_include_accounts = NULL;
Query OK, 0 rows affected (0.00 sec)
mysql> SET GLOBAL audit_log_exclude_accounts = 'user1@localhost,root@localhost';
Query OK, 0 rows affected (0.00 sec)
mysql> SET GLOBAL audit_log_exclude_accounts = "'user'@'host'";
Query OK, 0 rows affected (0.00 sec)
mysql> SET GLOBAL audit_log_exclude_accounts = '''user''@''host''';
Query OK, 0 rows affected (0.00 sec)
mysql> SET GLOBAL audit_log_exclude_accounts = '\'user\'@\'host\'';
Query OK, 0 rows affected (0.00 sec)
To see what users are currently in the on the list you can run:
mysql> SELECT @@audit_log_exclude_accounts;
+------------------------------+
| @@audit_log_exclude_accounts |
+------------------------------+
| 'user'@'host' |
+------------------------------+
1 row in set (0.00 sec)
--備注:監(jiān)控的用戶名必須和mysql.user里用戶名一致,不然不生效
NAME="Connect"
RECORD="4971917_2016-08-22T09:09:10"
TIMESTAMP="2016-08-22T09:12:21 UTC"
CONNECTION_ID="6"
STATUS="0"
USER="user1" ;; this is a 'user' part of account in 5.7
PRIV_USER="user1"
OS_LOGIN=""
PROXY_USER=""
HOST="localhost" ;; this is a 'host' part of account in 5.7
IP=""
DB=""
/>
過渡掉user1(排除user1)
SET GLOBAL audit_log_exclude_accounts = 'user1@%';
對(duì)于上文關(guān)于Percona Audit Log Plugin實(shí)現(xiàn)對(duì)mysql 審計(jì)的操作步驟����,大家覺得是自己想要的嗎��?如果想要了解更多相關(guān)�,可以繼續(xù)關(guān)注我們的行業(yè)資訊板塊��。
新聞標(biāo)題:PerconaAuditLogPlugin實(shí)現(xiàn)對(duì)mysql審計(jì)的操作步驟
當(dāng)前鏈接:
http://weahome.cn/article/iphceo.html
重慶分公司
重慶分公司
