- 184.108.40.206 Audit Log Components
- 220.127.116.11 Installing or Uninstalling MySQL Enterprise Audit
- 18.104.22.168 MySQL Enterprise Audit Security Considerations
- 22.214.171.124 Audit Log File Formats
- 126.96.36.199 Audit Log Logging Configuration
- 188.8.131.52 Audit Log Filtering
- 184.108.40.206 Legacy Mode Audit Log Filtering
- 220.127.116.11 Audit Log Reference
- 18.104.22.168 Audit Log Restrictions
MySQL Enterprise Audit is an extension included in MySQL Enterprise Edition, a commercial product. To learn more about commercial products, see https://www.mysql.com/products/.
MySQL Enterprise Edition includes MySQL Enterprise Audit, implemented using a server plugin named
audit_log. MySQL Enterprise Audit uses the open MySQL Audit
API to enable standard, policy-based monitoring, logging, and
blocking of connection and query activity executed on specific
MySQL servers. Designed to meet the Oracle audit specification,
MySQL Enterprise Audit provides an out of box, easy to use auditing and
compliance solution for applications that are governed by both
internal and external regulatory guidelines.
When installed, the audit plugin enables MySQL Server to produce a log file containing an audit record of server activity. The log contents include when clients connect and disconnect, and what actions they perform while connected, such as which databases and tables they access.
After you install the audit plugin (see
Section 22.214.171.124, “Installing or Uninstalling MySQL Enterprise Audit”), it writes an audit log
file. By default, the file is named
in the server data directory. To change the name of the file, set
variable at server startup.
By default, audit log file contents are written in new-style XML
format, without compression or encryption. To select the file
format, set the
system variable at server startup. For details on file format and
contents, see Section 126.96.36.199, “Audit Log File Formats”.
For more information about controlling how logging occurs, including audit log file naming and format selection, see Section 188.8.131.52, “Audit Log Logging Configuration”. To perform filtering of audited events, see Section 184.108.40.206, “Audit Log Filtering”. For descriptions of the parameters used to configure the audit log plugin, see Section 220.127.116.11.4, “Audit Log Options and Variables”.
If the audit log plugin is enabled, the Performance Schema (see Chapter 26, MySQL Performance Schema) has instrumentation for it. To identify the relevant instruments, use this query:
SELECT NAME FROM performance_schema.setup_instruments WHERE NAME LIKE '%/alog/%';