A server-side plugin named audit_log examines auditable events and determines whether to write them to the audit log.

A set of functions enables manipulation of filtering definitions that control logging behavior, the encryption password, and log file reading.

Tables in the mysql system database provide persistent storage of filter and user account data.

System variables enable audit log configuration and status variables provide runtime operational information.

The AUDIT_ADMIN privilege enable users to administer the audit log, and (from MySQL 8.0.28) the AUDIT_ABORT_EXEMPT privilege enables system users to execute queries that would otherwise be blocked by an “abort” item in the audit log filter.