
    Notes on installing the MySQL audit plugin on MySQL 5.7.24 [ MySQL database ]

    MySQL database    Date: 2024-12-24 19:11:24

    Author: uploaded by a member


    1). Go to the site (https://bintray.com/version/files/mcafee/mysql-audit-plugin/release/1.1.7-805) and download the plugin audit-plugin-mysql-5.7-1.1.7-805-linux-x86_64.zip

    2). Upload it to the MySQL host and unzip it:

    # unzip audit-plugin-mysql-5.7-1.1.7-805-linux-x86_64.zip
    Archive: audit-plugin-mysql-5.7-1.1.7-805-linux-x86_64.zip
    creating: audit-plugin-mysql-5.7-1.1.7-805/
    creating: audit-plugin-mysql-5.7-1.1.7-805/lib/
    inflating: audit-plugin-mysql-5.7-1.1.7-805/lib/libaudit_plugin.so
    inflating: audit-plugin-mysql-5.7-1.1.7-805/COPYING
    inflating: audit-plugin-mysql-5.7-1.1.7-805/THIRDPARTY.txt
    inflating: audit-plugin-mysql-5.7-1.1.7-805/README.txt
    inflating: audit-plugin-mysql-5.7-1.1.7-805/plugin-name.txt
    creating: audit-plugin-mysql-5.7-1.1.7-805/utils/
    inflating: audit-plugin-mysql-5.7-1.1.7-805/utils/offset-extract.sh

    3). Check the MySQL plugin directory:

    mysql> show global variables like 'plugin_dir';
    +---------------+-------------------------------------+
    | Variable_name | Value                               |
    +---------------+-------------------------------------+
    | plugin_dir    | /usr/local/mysql-5.7.24/lib/plugin/ |
    +---------------+-------------------------------------+
    1 row in set (0.01 sec)

    4). Copy libaudit_plugin.so into the MySQL plugin directory:

    # cp lib/libaudit_plugin.so /usr/local/mysql-5.7.24/lib/plugin/

    5). Install the libaudit_plugin.so plugin:

    mysql> install plugin audit soname 'libaudit_plugin.so';
    Query OK, 0 rows affected (3.97 sec)

    6). Enable auditing:

    mysql> set global audit_json_file=1;
    Query OK, 0 rows affected (0.00 sec)

    7). The audit log is generated in the MySQL data directory:

    mysql> show variables like 'datadir';
    +---------------+-------------------+
    | Variable_name | Value             |
    +---------------+-------------------+
    | datadir       | /home/mysql/data/ |
    +---------------+-------------------+
    1 row in set (0.01 sec)

    8). View the contents of the audit log:

    # less /home/mysql/data/mysql-audit.json

    {"msg-type":"header","date":"1550816633651","audit-version":"1.1.7-805","audit-protocol-version":"1.0","hostname":"test2","mysql-version":"5.7.24-log","mysql-program":"/usr/local/mysql-5.7.24/bin/mysqld","mysql-socket":"/tmp/mysql.sock","mysql-port":"3306","server_pid":"6485"}

    {"msg-type":"activity","date":"1550816633651","thread-id":"126897","query-id":"3356369","user":"root","priv_user":"root","ip":"","host":"localhost","connect_attrs":{"_os":"linux-glibc2.12","_client_name":"libmysql","_pid":"13108","_client_version":"5.7.24","_platform":"x86_64","program_name":"mysql"},"pid":"13108","os_user":"root","appname":"mysql","status":"0","cmd":"set_option","query":"set global audit_json_file=1"}

    {"msg-type":"activity","date":"1550816634816","thread-id":"126952","query-id":"0","user":"monitor","priv_user":"","ip":"192.168.140.52","host":"192.168.140.52","connect_attrs":{"_os":"Linux","_client_name":"libmariadb","_pid":"21686","_client_version":"2.3.1","_platform":"x86_64","program_name":"proxysql_monitor"},"status":"1045","cmd":"Failed Login","query":"Failed Login"}

    {"msg-type":"activity","date":"1550816634816","thread-id":"126952","query-id":"0","user":"monitor","priv_user":"","ip":"192.168.140.52","host":"192.168.140.52","connect_attrs":{"_os":"Linux","_client_name":"libmariadb","_pid":"21686","_client_version":"2.3.1","_platform":"x86_64","program_name":"proxysql_monitor"},"cmd":"Connect","query":"Connect"}

    ......

    9). Check the loaded audit plugin:

    mysql> select * from INFORMATION_SCHEMA.PLUGINS where PLUGIN_NAME like '%AUDIT%';
    +-------------+----------------+---------------+-------------+---------------------+--------------------+------------------------+---------------+--------------------------------------------------------------+----------------+-------------+
    | PLUGIN_NAME | PLUGIN_VERSION | PLUGIN_STATUS | PLUGIN_TYPE | PLUGIN_TYPE_VERSION | PLUGIN_LIBRARY     | PLUGIN_LIBRARY_VERSION | PLUGIN_AUTHOR | PLUGIN_DESCRIPTION                                           | PLUGIN_LICENSE | LOAD_OPTION |
    +-------------+----------------+---------------+-------------+---------------------+--------------------+------------------------+---------------+--------------------------------------------------------------+----------------+-------------+
    | AUDIT       | 1.0            | ACTIVE        | AUDIT       | 4.1                 | libaudit_plugin.so | 1.6                    | McAfee Inc    | AUDIT plugin, creates a file mysql-audit.log to log activity | GPL            | ON          |
    +-------------+----------------+---------------+-------------+---------------------+--------------------+------------------------+---------------+--------------------------------------------------------------+----------------+-------------+
    1 row in set (0.00 sec)

    10).查看MySQL审计相关参数:

    mysql> show global variables like '%audit%';

    +---------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+

    | Variable_name | Value |

    +---------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+

    | audit_before_after | after |

    | audit_checksum ||

    | audit_client_capabilities | OFF|

    | audit_delay_cmds||

    | audit_delay_ms | 0 |

    | audit_force_record_logins | OFF|

    | audit_header_msg| ON |

    | audit_json_file| ON |

    | audit_json_file_bufsize| 1 |

    | audit_json_file_flush | OFF|

    | audit_json_file_retry | 60 |

    | audit_json_file_sync| 0 |

    | audit_json_log_file| mysql-audit.json|

    | audit_json_socket | OFF|

    | audit_json_socket_name | /var/run/db-audit/mysql.audit__home_mysql_data_3306|

    | audit_json_socket_retry| 10 |

    | audit_json_socket_write_timeout | 1000|

    | audit_offsets ||

    | audit_offsets_by_version| ON |

    | audit_password_masking_cmds| CREATE_USER,GRANT,SET_OPTION,SLAVE_START,CREATE_SERVER,ALTER_SERVER,CHANGE_MASTER,UPDATE|

    | audit_password_masking_regex| identified(?:/\*.*?\*/|\s)*?by(?:/\*.*?\*/|\s)*?(?:password)?(?:/\*.*?\*/|\s)*?['|"](?<psw>.*?)(?<!\\)['|"]|password(?:/\*.*?\*/|\s)*?\((?:/\*.*?\*/|\s)*?['|"](?<psw>.*?)(?<!\\)['|"](?:/\*.*?\*/|\s)*?\)|password(?:/\*.*?\*/|\s)*?(?:for(?:/\*.*?\*/|\s)*?\S+?)?(?:/\*.*?\*/|\s)*?=(?:/\*.*?\*/|\s)*?['|"](?<psw>.*?)(?<!\\)['|"]|password(?:/\*.*?\*/|\s)*?['|"](?<psw>.*?)(?<!\\)['|"] |

    | audit_record_cmds ||

    | audit_record_objs ||

    | audit_sess_connect_attrs| ON |

    | audit_socket_creds | ON |

    | audit_uninstall_plugin | OFF|

    | audit_validate_checksum| ON |

    | audit_validate_offsets_extended | ON |

    | audit_whitelist_cmds| BEGIN,COMMIT,PING |

    | audit_whitelist_users ||

    +---------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+

    30 rows in set (0.01 sec)
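
One way to review the log produced in step 8, as an added example that is not part of the original article: it parses the line-delimited JSON, counts "Failed Login" events per user and source, and lists statements that change audit_* settings. The sample records are constructed (abbreviated from the ones shown above), and the function names and the threshold are hypothetical.

```python
import json
from collections import Counter
from datetime import datetime, timezone

# Constructed sample, abbreviated from the records shown above; the last line is cut
# off on purpose, as happens when the file is read while mysqld is still writing it.
SAMPLE_LOG = """\
{"msg-type":"header","date":"1550816633651","audit-version":"1.1.7-805","mysql-version":"5.7.24-log"}
{"msg-type":"activity","date":"1550816633651","thread-id":"126897","user":"root","ip":"","host":"localhost","status":"0","cmd":"set_option","query":"set global audit_json_file=1"}
{"msg-type":"activity","date":"1550816634816","thread-id":"126952","user":"monitor","ip":"192.168.140.52","host":"192.168.140.52","status":"1045","cmd":"Failed Login","query":"Failed Login"}
{"msg-type":"activity","date":"1550816635816","thread-id":"126953","user":"monitor","ip":"192.168.140.52","host":"192.168.140.52","status":"1045","cmd":"Failed Login","query":"Failed Login"}
{"msg-type":"activity","date":"1550816636000","thread-id":"126897","user":"root","ip":"","host":"localhost","status":"0","cmd":"select","query":"select 1"}
{"msg-type":"activity","date":"15508166
"""

def parse_audit_log(text):
    """Yield activity records; skip the header and any malformed or partial line."""
    for line in text.splitlines():
        try:
            rec = json.loads(line)
        except json.JSONDecodeError:
            continue
        if isinstance(rec, dict) and rec.get("msg-type") == "activity":
            yield rec

def event_time(rec):
    """The "date" field is epoch milliseconds stored as a string."""
    return datetime.fromtimestamp(int(rec["date"]) / 1000, tz=timezone.utc)

def failed_logins(records, threshold=2):
    """Return {(user, source): count} for sources at or above the threshold."""
    counts = Counter()
    for rec in records:
        if rec.get("cmd") == "Failed Login":
            counts[(rec.get("user", ""), rec.get("ip") or rec.get("host", ""))] += 1
    return {key: n for key, n in counts.items() if n >= threshold}

def audit_setting_changes(records):
    """Statements that set audit_* variables, i.e. changes to the audit trail itself."""
    return [(event_time(r).isoformat(), r.get("user"), r["query"])
            for r in records
            if r.get("cmd") == "set_option" and "audit_" in r.get("query", "").lower()]

if __name__ == "__main__":
    records = list(parse_audit_log(SAMPLE_LOG))
    print("failed logins:", failed_logins(records))
    print("audit setting changes:", audit_setting_changes(records))
```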
