溫馨提示×

您好,登錄后才能下訂單哦!

密碼登錄×
登錄注冊(cè)×
其他方式登錄
點(diǎn)擊 登錄注冊(cè) 即表示同意《億速云用戶服務(wù)條款》

mariadb 10.1.xx 自帶數(shù)據(jù)庫審計(jì)插件,直接上操作過程

發(fā)布時(shí)間:2020-08-23 06:52:51 來源:網(wǎng)絡(luò) 閱讀:1083 作者:roidba 欄目:數(shù)據(jù)庫


MariaDB 10.1.20 最新版本使用自帶插件


192.168.1.91 開啟數(shù)據(jù)庫審計(jì)

192.168.1.94 遠(yuǎn)程訪問,執(zhí)行ddl,dml,dcl 可以細(xì)粒度審計(jì)



大早上起早來公司做測(cè)試,數(shù)據(jù)庫先裝的,直接上操作過程


[root@mysql91 /]# mysql -uroot -p

Enter password: 

Welcome to the MariaDB monitor.  Commands end with ; or \g.

Your MariaDB connection id is 4

Server version: 10.1.20-MariaDB MariaDB Server


Copyright (c) 2000, 2016, Oracle, MariaDB Corporation Ab and others.


Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.


MariaDB [(none)]> show databases;

+--------------------+

| Database           |

+--------------------+

| information_schema |

| mysql              |

| performance_schema |

| test               |

+--------------------+

4 rows in set (0.02 sec)


MariaDB [(none)]> use test

Database changed

MariaDB [test]> show tables;

Empty set (0.00 sec)


MariaDB [test]> 

MariaDB [test]> show variables like 'plugin_dir';

+---------------+------------------------------+

| Variable_name | Value                        |

+---------------+------------------------------+

| plugin_dir    | /usr/local/mysql/lib/plugin/ |

+---------------+------------------------------+

1 row in set (0.01 sec)


MariaDB [test]> install plugin server_audit SONAME 'server_audit.so';

Query OK, 0 rows affected (0.05 sec)


MariaDB [test]> show variables like 'server%';

+-------------------------------+-----------------------+

| Variable_name                 | Value                 |

+-------------------------------+-----------------------+

| server_audit_events           |                       |

| server_audit_excl_users       |                       |

| server_audit_file_path        | server_audit.log      |

| server_audit_file_rotate_now  | OFF                   |

| server_audit_file_rotate_size | 1000000               |

| server_audit_file_rotations   | 9                     |

| server_audit_incl_users       |                       |

| server_audit_logging          | OFF                   |

| server_audit_mode             | 0                     |

| server_audit_output_type      | file                  |

| server_audit_query_log_limit  | 1024                  |

| server_audit_syslog_facility  | LOG_USER              |

| server_audit_syslog_ident     | mysql-server_auditing |

| server_audit_syslog_info      |                       |

| server_audit_syslog_priority  | LOG_INFO              |

| server_id                     | 100                   |

+-------------------------------+-----------------------+

16 rows in set (0.00 sec)


MariaDB [test]> set global server_audit_logging=on;

Query OK, 0 rows affected (0.00 sec)


MariaDB [test]> set global server_audit_events='query_ddl';   --細(xì)粒度審計(jì)OK 

Query OK, 0 rows affected (0.00 sec)


MariaDB [test]> set global server_audit_events='query_dml';

Query OK, 0 rows affected (0.00 sec)


MariaDB [test]> set global server_audit_events='query_dcl';

Query OK, 0 rows affected (0.00 sec)


MariaDB [test]> grant select on *.* to roidba_r@'%' identified by 'roidba_r';

Query OK, 0 rows affected (0.00 sec)



查看日志的審計(jì)情況

[root@mysql91 mysql]# ls

aria_log.00000001  ib_buffer_pool  ib_logfile1  multi-master.info  mysql91.pid          server_audit.log

aria_log_control   ib_logfile0     ibdata1      mysql/             performance_schema/  test/

[root@mysql91 mysql]# tail -f server_audit.log 

20161227 13:49:55,mysql91,root,localhost,4,12,QUERY,test,'set global server_audit_logging=on',0

20161227 13:54:37,mysql91,roidba,192.168.1.94,6,21,QUERY,test,'create table t1 (id int)',0

20161227 13:56:28,mysql91,roidba,192.168.1.94,6,25,QUERY,test,'insert into t1 values(2)',0

20161227 13:56:51,mysql91,roidba,192.168.1.94,6,26,QUERY,test,'update t1 set id=2 where id=1',0

20161227 14:16:36,mysql91,root,localhost,4,32,QUERY,test,'grant select on *.* to roidba_r@\'%\' identified by *****',0



具體的參數(shù)調(diào)整,參數(shù)含義大家需要自己上官方網(wǎng)站查看,

我一直堅(jiān)持最好的文檔就是看官方文檔。


向AI問一下細(xì)節(jié)

免責(zé)聲明:本站發(fā)布的內(nèi)容(圖片、視頻和文字)以原創(chuàng)、轉(zhuǎn)載和分享為主,文章觀點(diǎn)不代表本網(wǎng)站立場(chǎng),如果涉及侵權(quán)請(qǐng)聯(lián)系站長(zhǎng)郵箱:is@yisu.com進(jìn)行舉報(bào),并提供相關(guān)證據(jù),一經(jīng)查實(shí),將立刻刪除涉嫌侵權(quán)內(nèi)容。

AI