MySQL Enterprise Audit is based on the audit log plugin and related elements:
A server-side plugin named
audit_logexamines auditable events and determines whether to write them to the audit log.
A set of functions enables manipulation of filtering definitions that control logging behavior, the encryption password, and log file reading.
Tables in the
mysqlsystem database provide persistent storage of filter and user account data, unless you set the
audit_log_databasesystem variable at server startup to specify a different database.
System variables enable audit log configuration and status variables provide runtime operational information.
AUDIT_ADMINprivilege enable users to administer the audit log, and (from MySQL 8.0.28) the
AUDIT_ABORT_EXEMPTprivilege enables system users to execute queries that would otherwise be blocked by an “abort” item in the audit log filter.