MySQL Enterprise Audit is an extension included in MySQL Enterprise Edition, a commercial product. To learn more about commercial products, see http://www.mysql.com/products/.
As of MySQL 5.7.9, MySQL Enterprise Edition includes MySQL Enterprise Audit, implemented using a
server plugin named
audit_log. MySQL Enterprise Audit uses
the open MySQL Audit API to enable standard, policy-based
monitoring and logging of connection and query activity executed
on specific MySQL servers. Designed to meet the Oracle audit
specification, MySQL Enterprise Audit provides an out of box, easy to use
auditing and compliance solution for applications that are
governed by both internal and external regulatory guidelines.
When installed, the audit plugin enables MySQL Server to produce a log file containing an audit record of server activity. The log contents include when clients connect and disconnect, and what actions they perform while connected, such as which databases and tables they access.
After you install the plugin (see
Section 126.96.36.199, “Installing or Uninstalling MySQL Enterprise Audit”), it writes an audit log
file. By default, the file is named
in the server data directory. To change the name of the file, set
variable at server startup.
Audit log file contents are not encrypted. See Section 188.8.131.52, “MySQL Enterprise Audit Security Considerations”.
The audit log file is written in XML, with auditable events
<AUDIT_RECORD> elements. To
select the file format, set the
audit_log_format system variable
at server startup. For details on file format and contents, see
Section 184.108.40.206, “The Audit Log File”.
For more information about controlling how logging occurs, see Section 220.127.116.11, “Audit Log Logging Control”. To perform filtering of audited events, see Section 18.104.22.168, “Audit Log Filtering”. For descriptions of the parameters used to configure the audit log plugin, see Section 22.214.171.124.4, “Audit Log Options and Variables”.
audit_log plugin is enabled, the
Performance Schema (see Chapter 24, MySQL Performance Schema) has
instrumentation for the audit log plugin. To identify the relevant
instruments, use this query:
SELECT NAME FROM performance_schema.setup_instruments WHERE NAME LIKE '%/alog/%';