Warning: file_get_contents(/data/phpspider/zhask/data//catemap/8/mysql/66.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
如何按用户帐户过滤mysql审计日志_Mysql_Sql_Audit Logging - Fatal编程技术网
Fatal编程技术网
  • mysql/
  • 如何按用户帐户过滤mysql审计日志

如何按用户帐户过滤mysql审计日志

mysql sql

如何按用户帐户过滤mysql审计日志,mysql,sql,audit-logging,Mysql,Sql,Audit Logging,我的问题是,我甚至从审核日志中禁用了root用户,但仍然为这些用户进行日志记录。任何人都请帮忙。这是我一步一步做的 [Setp-1]检查审核日志变量 mysql> SHOW VARIABLES LIKE 'audit_log%'; +-----------------------------+--------------+ | Variable_name | Value | +-----------------------------+------

我的问题是,我甚至从审核日志中禁用了root用户,但仍然为这些用户进行日志记录。任何人都请帮忙。这是我一步一步做的

[Setp-1]检查审核日志变量

mysql> SHOW VARIABLES LIKE 'audit_log%';
+-----------------------------+--------------+
| Variable_name               | Value        |
+-----------------------------+--------------+
| audit_log_buffer_size       | 1048576      |
| audit_log_connection_policy | ALL          |
| audit_log_current_session   | ON           |
| audit_log_exclude_accounts  |              |
| audit_log_file              | audit.log    |
| audit_log_flush             | OFF          |
| audit_log_format            | OLD          |
| audit_log_include_accounts  |              |
| audit_log_policy            | ALL          |
| audit_log_rotate_on_size    | 0            |
| audit_log_statement_policy  | ALL          |
| audit_log_strategy          | ASYNCHRONOUS |
+-----------------------------+--------------+
12 rows in set (0.00 sec)
[Setp-2] 下面的语句是禁用root帐户的审核日志记录

-- audit_log_include_accounts to NULL
SET GLOBAL audit_log_include_accounts = NULL;
SET GLOBAL audit_log_exclude_accounts = root@%;
注意:我使用了根@%代替root@localhost因为此数据库服务器可以从其他ip地址访问

[Setp-3]我从远程PC调用SSVR_AUDIT_LOG中的select语句
select*

[步骤4]我检查了DB server中的审核日志


 <AUDIT_RECORD TIMESTAMP="2016-04-22T03:49:11 UTC" RECORD_ID="593_2016-04-22T01:28:17" NAME="Query" CONNECTION_ID="6" STATUS="0" STATUS_CODE="0" USER="root[root] @  [162.16.22.48]" OS_LOGIN="" HOST="" IP="162.16.22.48" COMMAND_CLASS="show_create_table" SQLTEXT="SHOW CREATE TABLE `SSVR_AUDIT_LOG`"/>
  <AUDIT_RECORD TIMESTAMP="2016-04-22T03:49:12 UTC" RECORD_ID="594_2016-04-22T01:28:17" NAME="Query" CONNECTION_ID="7" STATUS="0" STATUS_CODE="0" USER="root[root] @  [162.16.22.48]" OS_LOGIN="" HOST="" IP="162.16.22.48" COMMAND_CLASS="select" SQLTEXT="SELECT * FROM `SSVR_AUDIT_LOG` LIMIT 0, 1000"/>
  <AUDIT_RECORD TIMESTAMP="2016-04-22T03:49:12 UTC" RECORD_ID="595_2016-04-22T01:28:17" NAME="Query" CONNECTION_ID="7" STATUS="0" STATUS_CODE="0" USER="root[root] @  [162.16.22.48]" OS_LOGIN="" HOST="" IP="162.16.22.48" COMMAND_CLASS="show_fields" SQLTEXT="SHOW COLUMNS FROM `tldssvr`.`SSVR_AUDIT_LOG`"/>
  <AUDIT_RECORD TIMESTAMP="2016-04-22T03:49:13 UTC" RECORD_ID="596_2016-04-22T01:28:17" NAME="Quit" CONNECTION_ID="7" STATUS="0" STATUS_CODE="0" USER="root" OS_LOGIN="" HOST="" IP="162.16.22.48" COMMAND_CLASS="connect"/>



我得到了问题的答案。这是正确的答案。当你面对这样的问题时,你可以遵循以下步骤

按帐户筛选审核日志


  • 列出所有“审核日志”配置项
    • 


    >mysql-u root-p
>显示变量,如“审核日志%”;
+-----------------------------+--------------+
|变量名称|值|
+-----------------------------+--------------+
|审核日志缓冲区大小1048576|
|审核日志连接策略所有|
|审核日志当前会话关闭|
|审计日志排除账户|
|audit_log_文件| audit.log|
|审计记录清除|
|审核日志格式|旧|
|审计日志包括账目|
|审核日志策略所有|
|审核日志旋转大小为0|
|审计日志声明政策所有|
|审计日志策略异步|
+-----------------------------+--------------+