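MySQL 5.6 Audit Feature
1. Preface
For security and for traceability of operations, more and more companies are adding audit functionality. MySQL 5.5 introduced audit features, and by 5.6.20 they had been refined further to the point of being barely usable. The granularity is still not very fine, but later versions are worth looking forward to. This article mainly introduces the relevant functions and characteristics.
2. Enabling auditing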
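2.1 Loading from the configuration file
Auditing in MySQL 5.6 is implemented by the audit_log plugin, which can be enabled by loading the plugin in the configuration file.
If the database must enforce auditing, so that the server does not start when auditing is not enabled, or hangs when auditing cannot proceed, add the corresponding setting to the configuration file as well.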
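2.2 Loading via the plugin list
There is another way to enable auditing: install the audit plugin from the command line. Make sure audit_log.so exists in the database's plugin directory. [On i686 the plugin directory defaults to /usr/lib/mysql/plugin; it can also be set with the plugin_dir parameter.]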
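3. Parameters
The audit parameters are as follows:
3.1 audit_log_buffer_size
audit_log_buffer_size: the audit buffer. A multiple of 4096 is recommended. This parameter takes effect only when audit_log_strategy is ASYNCHRONOUS.
3.2 audit_log_connection_policy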
audit_log_connection_policy: controls how connection events are audited. It accepts three values:
Value | Description |
---|---|
ALL | Log all connection events |
ERRORS | Log only failed connection events |
NONE | Do not log connection events |
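3.3 audit_log_current_session
audit_log_current_session: indicates whether the current session is audited. It is a read-only parameter; which sessions are audited can only be controlled through audit_log_exclude_accounts and audit_log_include_accounts.
3.4 audit_log_exclude_accounts/audit_log_include_accounts
audit_log_exclude_accounts: controls which users are not audited. String type; accounts can be separated by commas.
audit_log_include_accounts: controls which users are audited. String type; accounts can be separated by commas.
Only one of exclude and include takes effect at a time.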
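3.5 audit_log_file
audit_log_file: controls the name and path of the audit log.
3.6 audit_log_flush
audit_log_flush: controls archiving of the audit log. It takes effect only when audit_log_rotate_on_size=0. After manually renaming the audit log to archive it, set audit_log_flush=1 to generate a new audit log.
3.7 audit_log_format
audit_log_format: the format of the audit log, either OLD or NEW (the NEW format first appeared in 5.6.14). Changing the format takes three steps:
1: Shut down the database.
2: Rename the current audit.log file.
3: Change the audit_log_format parameter and restart mysql; a new audit.log file is generated automatically after the restart.
This keeps the NEW and OLD formats out of the same audit log, which would cause the audit feature to malfunction.
audit_log_policy: the control policy for the audit log:
Value | Description |
---|---|
ALL | Log all events |
LOGINS | Log only login events |
QUERIES | Log only query events |
NONE | Log nothing (disable the audit stream) |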
3.8 audit_log_statement_policy
audit_log_statement_policy: the audit policy for statements. It may be overridden by audit_log_policy:
Value | Description |
---|---|
ALL | Log all statement events |
ERRORS | Log only failed statement events |
NONE | Do not log statement events |
3.9 audit_log_rotate_on_size
audit_log_rotate_on_size: the size of the audit log file. When the parameter is greater than 0 and the audit log exceeds the limit, the log is automatically renamed to a file with a timestamp suffix and a new audit log is created.
3.10 audit_log_strategy
audit_log_strategy: the flush strategy for the audit log:
Value | Meaning |
---|---|
ASYNCHRONOUS | Log asynchronously, wait for space in output buffer |
PERFORMANCE | Log asynchronously, drop request if insufficient space in output buffer |
SEMISYNCHRONOUS | Log synchronously, permit caching by operating system |
SYNCHRONOUS | Log synchronously, call sync() after each request |
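A check of an option file against the settings described in sections 2 and 3 and the log-path advice in section 5, as an added example that is not part of the original page. The options plugin-load and audit-log=FORCE_PLUS_PERMANENT are MySQL's documented options rather than text from this page; both option files, the fallback data directory and the function names are constructed for illustration.

```python
import configparser
import posixpath

# Constructed option files (not from the page): a weak one and a corrected one.
WEAK_CNF = """[mysqld]
audit_log_buffer_size=1000000
audit_log_include_accounts=app@localhost
audit_log_exclude_accounts=backup@localhost
"""
GOOD_CNF = """[mysqld]
datadir=/var/lib/mysql
plugin-load=audit_log.so
audit-log=FORCE_PLUS_PERMANENT
audit_log_file=/var/log/mysql-audit/audit.log
audit_log_buffer_size=1048576
audit_log_exclude_accounts=backup@localhost
"""

def mysqld_options(text):
    """Parse [mysqld]; '-' and '_' in option names are interchangeable."""
    cp = configparser.ConfigParser(allow_no_value=True, interpolation=None)
    cp.read_string(text)
    return {k.replace("-", "_"): (v or "") for k, v in cp["mysqld"].items()}

def check_audit_config(text):
    """Return findings for the audit_log settings the page describes."""
    o, findings = mysqld_options(text), []
    if "audit_log" not in o.get("plugin_load", ""):
        findings.append("plugin-load: audit_log is not loaded at startup")
    if o.get("audit_log", "").upper() != "FORCE_PLUS_PERMANENT":
        findings.append("audit-log: server may run without auditing")
    # The buffer is used only with ASYNCHRONOUS, which is also the default.
    strategy = o.get("audit_log_strategy", "ASYNCHRONOUS").upper()
    size = o.get("audit_log_buffer_size")
    if size and strategy != "ASYNCHRONOUS":
        findings.append("audit_log_buffer_size: ignored by this strategy")
    elif size and int(size) % 4096:
        findings.append("audit_log_buffer_size: not a multiple of 4096")
    if o.get("audit_log_include_accounts") and o.get("audit_log_exclude_accounts"):
        findings.append("include/exclude accounts: only one takes effect")
    # Assumed datadir if unset; a relative or missing file name resolves under it.
    datadir = posixpath.normpath(o.get("datadir", "/var/lib/mysql"))
    log = posixpath.join(datadir, o.get("audit_log_file", "audit.log"))
    if posixpath.normpath(log).startswith(datadir + "/"):
        findings.append("audit_log_file: unencrypted log is in the data directory")
    return findings

if __name__ == "__main__":
    print(check_audit_config(WEAK_CNF), check_audit_config(GOOD_CNF))
```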
4. Log format
The audit log is written as XML, and the NEW format's tags are somewhat more detailed than the OLD format's. The tag details are as follows. Example:
<AUDIT>: the root tag of the file is <AUDIT>, and </AUDIT> is its closing tag.
<AUDIT_RECORD>: contains a set of mandatory tags and optional tags; whether an optional tag appears depends on the audit record type.
Whether the following tags appear depends on the audit record type.
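5. Audit limitations
The audit log is stored under the data path by default. Because the XML file is not encrypted, the official site recommends using a parameter to place it in a dedicated path and setting permissions for the relevant personnel as a security control.
In addition, the audit feature cannot record the following cases:
1) Only top-level statements (no variable definitions) can be audited; stored programs such as stored procedures, triggers and functions are not audited.
2) Statements that involve external files, such as load data infile, cannot be audited.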
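The XML log described in section 4 can be read with a standard XML parser. This added example (not part of the original page) summarizes failed logins and failed statements from a log, and goes slightly beyond the text by also accepting OLD-format records, which carry the same fields as attributes. The sample log, its addresses and account names, and the function names are constructed.

```python
import io
import xml.etree.ElementTree as ET
from collections import Counter

# Constructed NEW-format sample (not from the page). The closing </AUDIT> is
# left out on purpose, as when the file is read while it is still being written.
SAMPLE_LOG = b"""<?xml version="1.0" encoding="UTF-8"?>
<AUDIT>
<AUDIT_RECORD><TIMESTAMP>2014-08-01T02:10:11 UTC</TIMESTAMP><NAME>Connect</NAME>
 <STATUS>1045</STATUS><USER>root</USER><HOST>10.0.0.5</HOST></AUDIT_RECORD>
<AUDIT_RECORD><TIMESTAMP>2014-08-01T02:10:12 UTC</TIMESTAMP><NAME>Connect</NAME>
 <STATUS>1045</STATUS><USER>root</USER><HOST>10.0.0.5</HOST></AUDIT_RECORD>
<AUDIT_RECORD><TIMESTAMP>2014-08-01T02:11:00 UTC</TIMESTAMP><NAME>Connect</NAME>
 <STATUS>0</STATUS><USER>app</USER><HOST>10.0.0.9</HOST></AUDIT_RECORD>
<AUDIT_RECORD><TIMESTAMP>2014-08-01T02:11:05 UTC</TIMESTAMP><NAME>Query</NAME>
 <STATUS>1146</STATUS><USER>app[app] @ [10.0.0.9]</USER>
 <SQLTEXT>SELECT * FROM missing_tbl</SQLTEXT></AUDIT_RECORD>
"""

def read_records(stream):
    """Yield each <AUDIT_RECORD> as a dict. NEW stores fields as child
    elements, OLD as attributes of the record element; merge both."""
    try:
        for _, el in ET.iterparse(stream, events=("end",)):
            if el.tag == "AUDIT_RECORD":
                rec = dict(el.attrib)
                rec.update({c.tag: c.text or "" for c in el})
                yield rec
                el.clear()
    except ET.ParseError:
        return  # unterminated file: the complete records were already yielded

def summarize(stream):
    """Return (failed logins per (USER, HOST), failed statements)."""
    logins, statements = Counter(), []
    for r in read_records(stream):
        if r.get("STATUS", "0") == "0":
            continue  # STATUS 0 means success; non-zero is the MySQL error code
        if r.get("NAME") == "Connect":
            logins[(r.get("USER", ""), r.get("HOST", ""))] += 1
        elif r.get("NAME") == "Query":
            statements.append((r.get("USER", ""), int(r["STATUS"]), r.get("SQLTEXT", "")))
    return logins, statements

if __name__ == "__main__":
    print(summarize(io.BytesIO(SAMPLE_LOG)))
```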