MySQL 5.7.24安裝MySQL審計外掛小記
1).到網站()下載外掛audit-plugin-mysql-5.7-1.1.7-805-linux-x86_64.zip
2).上傳到MySQL機器並解壓縮:
#unzip audit-plugin-mysql-5.7-1.1.7-805-linux-x86_64.zip
Archive: audit-plugin-mysql-5.7-1.1.7-805-linux-x86_64.zip
creating: audit-plugin-mysql-5.7-1.1.7-805/
creating: audit-plugin-mysql-5.7-1.1.7-805/lib/
inflating: audit-plugin-mysql-5.7-1.1.7-805/lib/libaudit_plugin.so
inflating: audit-plugin-mysql-5.7-1.1.7-805/COPYING
inflating: audit-plugin-mysql-5.7-1.1.7-805/THIRDPARTY.txt
inflating: audit-plugin-mysql-5.7-1.1.7-805/README.txt
inflating: audit-plugin-mysql-5.7-1.1.7-805/plugin-name.txt
creating: audit-plugin-mysql-5.7-1.1.7-805/utils/
inflating: audit-plugin-mysql-5.7-1.1.7-805/utils/offset-extract.sh
3).檢視mysql的外掛目錄:
mysql> show global variables like 'plugin_dir';
+---------------+-------------------------------------+
| Variable_name | Value |
+---------------+-------------------------------------+
| plugin_dir | /usr/local/mysql-5.7.24/lib/plugin/ |
+---------------+-------------------------------------+
1 row in set (0.01 sec)
4).複製libaudit_plugin.so到mysql外掛目錄:
# cp lib/libaudit_plugin.so /usr/local/mysql-5.7.24/lib/plugin/
5).安裝libaudit_plugin.so外掛:
mysql> install plugin audit soname 'libaudit_plugin.so';
Query OK, 0 rows affected (3.97 sec)
6).開啟審計功能:
mysql> set global audit_json_file=1;
Query OK, 0 rows affected (0.00 sec)
7).在mysql的資料檔案目錄裡生成審計日誌:
mysql> show variables like 'datadir';
+---------------+-------------------+
| Variable_name | Value |
+---------------+-------------------+
| datadir | /home/mysql/data/ |
+---------------+-------------------+
1 row in set (0.01 sec)
8).檢視審計日誌內容:
#less /home/mysql/data/mysql-audit.json
{"msg-type":"header","date":"1550816633651","audit-version":"1.1.7-805","audit-protocol-version":"1.0","hostname":"test2","mysql-version":"5.7.24-log","mysql-program":"/usr/local/mysql-5.7.24/bin/mysqld","mysql-socket":"/tmp/mysql.sock","mysql-port":"3306","server_pid":"6485"}
{"msg-type":"activity","date":"1550816633651","thread-id":"126897","query-id":"3356369","user":"root","priv_user":"root","ip":"","host":"localhost","connect_attrs":{"_os":"linux-glibc2.12","_client_name":"libmysql","_pid":"13108","_client_version":"5.7.24","_platform":"x86_64","program_name":"mysql"},"pid":"13108","os_user":"root","appname":"mysql","status":"0","cmd":"set_option","query":"set global audit_json_file=1"}
{"msg-type":"activity","date":"1550816634816","thread-id":"126952","query-id":"0","user":"monitor","priv_user":"","ip":"192.168.140.52","host":"192.168.140.52","connect_attrs":{"_os":"Linux","_client_name":"libmariadb","_pid":"21686","_client_version":"2.3.1","_platform":"x86_64","program_name":"proxysql_monitor"},"status":"1045","cmd":"Failed Login","query":"Failed Login"}
{"msg-type":"activity","date":"1550816634816","thread-id":"126952","query-id":"0","user":"monitor","priv_user":"","ip":"192.168.140.52","host":"192.168.140.52","connect_attrs":{"_os":"Linux","_client_name":"libmariadb","_pid":"21686","_client_version":"2.3.1","_platform":"x86_64","program_name":"proxysql_monitor"},"cmd":"Connect","query":"Connect"}
................................................................................................................................................................
................................................................................................................................................................
................................................................................................................................................................
................................................................................................................................................................
9).檢視載入的審計外掛:
mysql> select * from INFORMATION_SCHEMA.PLUGINS where PLUGIN_NAME like '%AUDIT%';
+-------------+----------------+---------------+-------------+---------------------+--------------------+------------------------+---------------+--------------------------------------------------------------+----------------+-------------+
| PLUGIN_NAME | PLUGIN_VERSION | PLUGIN_STATUS | PLUGIN_TYPE | PLUGIN_TYPE_VERSION | PLUGIN_LIBRARY | PLUGIN_LIBRARY_VERSION | PLUGIN_AUTHOR | PLUGIN_DESCRIPTION | PLUGIN_LICENSE | LOAD_OPTION |
+-------------+----------------+---------------+-------------+---------------------+--------------------+------------------------+---------------+--------------------------------------------------------------+----------------+-------------+
| AUDIT | 1.0 | ACTIVE | AUDIT | 4.1 | libaudit_plugin.so | 1.6 | McAfee Inc | AUDIT plugin, creates a file mysql-audit.log to log activity | GPL | ON |
+-------------+----------------+---------------+-------------+---------------------+--------------------+------------------------+---------------+--------------------------------------------------------------+----------------+-------------+
1 row in set (0.00 sec)
10).檢視MySQL審計相關引數:
mysql> show global variables like '%audit%';
+---------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Variable_name | Value |
+---------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| audit_before_after | after |
| audit_checksum | |
| audit_client_capabilities | OFF |
| audit_delay_cmds | |
| audit_delay_ms | 0 |
| audit_force_record_logins | OFF |
| audit_header_msg | ON |
| audit_json_file | ON |
| audit_json_file_bufsize | 1 |
| audit_json_file_flush | OFF |
| audit_json_file_retry | 60 |
| audit_json_file_sync | 0 |
| audit_json_log_file | mysql-audit.json |
| audit_json_socket | OFF |
| audit_json_socket_name | /var/run/db-audit/mysql.audit__home_mysql_data_3306 |
| audit_json_socket_retry | 10 |
| audit_json_socket_write_timeout | 1000 |
| audit_offsets | |
| audit_offsets_by_version | ON |
| audit_password_masking_cmds | CREATE_USER,GRANT,SET_OPTION,SLAVE_START,CREATE_SERVER,ALTER_SERVER,CHANGE_MASTER,UPDATE |
| audit_password_masking_regex | identified(?:/\*.*?\*/|\s)*?by(?:/\*.*?\*/|\s)*?(?:password)?(?:/\*.*?\*/|\s)*?['|"](?<psw>.*?)(?<!\\)['|"]|password(?:/\*.*?\*/|\s)*?\((?:/\*.*?\*/|\s)*?['|"](?<psw>.*?)(?<!\\)['|"](?:/\*.*?\*/|\s)*?\)|password(?:/\*.*?\*/|\s)*?(?:for(?:/\*.*?\*/|\s)*?\S+?)?(?:/\*.*?\*/|\s)*?=(?:/\*.*?\*/|\s)*?['|"](?<psw>.*?)(?<!\\)['|"]|password(?:/\*.*?\*/|\s)*?['|"](?<psw>.*?)(?<!\\)['|"] |
| audit_record_cmds | |
| audit_record_objs | |
| audit_sess_connect_attrs | ON |
| audit_socket_creds | ON |
| audit_uninstall_plugin | OFF |
| audit_validate_checksum | ON |
| audit_validate_offsets_extended | ON |
| audit_whitelist_cmds | BEGIN,COMMIT,PING |
| audit_whitelist_users | |
+---------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
30 rows in set (0.01 sec)
來自 “ ITPUB部落格 ” ,連結:http://blog.itpub.net/15498/viewspace-2636692/,如需轉載,請註明出處,否則將追究法律責任。
相關文章
- MySQL5.6 audit審計外掛安裝初探MySql
- MySQL審計外掛介紹MySql
- CentOS7.3 安裝 MySQL 5.7.24CentOSMySql
- mysql使用mariadb審計外掛MySql
- MySQL審計外掛-MariaDB Audit PluginMySqlPlugin
- 批處理安裝綠色版MySQL 5.7.24MySql
- mysql安裝記MySql
- MySQL外掛呼叫MySql
- mysql安裝方式小結MySql
- MySQL審計auditMySql
- MySQL審計功能MySql
- 【Mysql】mysql開啟審計功能MySql
- 基於等保3.0的MySQL資料庫審計日誌外掛實踐MySql資料庫
- Centos 安裝Mysql記錄CentOSMySql
- Redmine外掛的安裝與解除安裝,知識庫外掛安裝。
- docker 安裝mysql並掛載資料DockerMySql
- EOSIO MySQL 外掛 issue 2MySql
- EOSIO MySQL 外掛 issue 1MySql
- CentOS+Apache+Mysql+Php安裝及優化配置小記CentOSApacheMySqlPHP優化
- retdec 外掛安裝
- Elasticsearch外掛安裝Elasticsearch
- VIM 外掛安裝
- [mysql]ubuntu安裝mysqlMySqlUbuntu
- mysql啟用審計功能MySql
- mysql審計日誌-ProxySQLMySql
- flash外掛怎麼安裝 電腦安裝flash外掛步驟
- ubuntu mysql 安裝和外網訪問配置UbuntuMySql
- MySQL 密碼增強外掛MySql密碼
- 安裝mysql和mysql workbenchMySql
- mysql 安裝MySql
- MySQL安裝MySql
- 安裝mysqlMySql
- ATOM 安裝外掛
- 如何安裝 Vim 外掛
- ubuntu 常用外掛安裝Ubuntu
- php常用外掛安裝PHP
- Sublime安裝PlantUML外掛
- Sublime使用,安裝外掛