- Contents
- System Variables
- Options
- There are a several options and system variables related to the MariaDB Audit Plugin, once it has been installed. System variables can be displayed using the SHOW VARIABLES https://mariadb.com/kb/en/show-variables/ statement like so:
- SHOW GLOBAL VARIABLES LIKE '%server_audit%';
- +-------------------------------+-----------------------+
- | Variable_name | Value |
- +-------------------------------+-----------------------+
- | server_audit_events | CONNECT,QUERY,TABLE |
- | server_audit_excl_users | |
- | server_audit_file_path | server_audit.log |
- | server_audit_file_rotate_now | OFF |
- | server_audit_file_rotate_size | 1000000 |
- | server_audit_file_rotations | 9 |
- | server_audit_incl_users | |
- | server_audit_logging | ON |
- | server_audit_mode | 0 |
- | server_audit_output_type | file |
- | server_audit_query_log_limit | 1024 |
- | server_audit_syslog_facility | LOG_USER |
- | server_audit_syslog_ident | MySQL-server_auditing |
- | server_audit_syslog_info | |
- | server_audit_syslog_priority | LOG_INFO |
- +-------------------------------+-----------------------+
- To change the value of one of these variables, you can use the SET statement, or set them at the command-line when starting MariaDB. It's recommended that you set them in the MariaDB configuration for the server like so:
- [mariadb]
- ...
- server_audit_excl_users='bob,ted'
- ...
- System Variables
- Below is a list of all system variables related to the Audit Plugin. See Server System Variables https://mariadb.com/kb/en/server-system-variables/ for a complete list of system variables and instructions on setting them. See also the full list of MariaDB options, system and status variables.
- server_audit_events
- Description: If set, then this restricts audit logging to certain event types. If not set, then every event type is logged to the audit log. For example: SET GLOBAL server_audit_events='connect, query'
- Commandline:
- --server-audit-events=value
- Scope: Global
- Dynamic: Yes
- Data Type: string
- Default Value: Empty string
- Valid Values:
- CONNECT, QUERY, TABLE (MariaDB Audit Plugin <1.2.0)
- CONNECT, QUERY, TABLE, QUERY_DDL, QUERY_DML (MariaDB Audit Plugin>= 1.2.0)
- CONNECT, QUERY, TABLE, QUERY_DDL, QUERY_DML, QUERY_DCL (MariaDB Audit Plugin>=1.3.0)
- CONNECT, QUERY, TABLE, QUERY_DDL, QUERY_DML, QUERY_DCL, QUERY_DML_NO_SELECT (MariaDB Audit Plugin>= 1.4.4)
- See MariaDB Audit Plugin - Versions to determine which MariaDB releases contain each MariaDB Audit Plugin versions.
- server_audit_excl_users
- Description: If not empty, it contains the list of users whose activity will NOT be logged. For example:
- SET GLOBAL server_audit_excl_users='user_foo, user_bar'
- . CONNECT records aren't affected by this variable - they are always logged. The user is still logged if it's specified in .
- Commandline:
- --server-audit-excl-users=value
- Scope: Global
- Dynamic: Yes
- Data Type: string
- Default Value: Empty string
- Size limit: 1024 characters
- server_audit_file_path
- Description: When server_audit_output_type=file, sets the path and the filename to the log file. If the specified path exists as a directory, then the log will be created inside that directory with the name 'server_audit.log'. Otherwise the value is treated as a filename. The default value is 'server_audit.log', which means this file will be created in the database directory.
- Commandline:
- --server-audit-file-path=value
- Scope: Global
- Dynamic: Yes
- Data Type: string
- Default Value: server_audit.log
- server_audit_file_rotate_now
- Description: When server_audit_output_type=file, the user can force the log file rotation by setting this variable to ON or 1.
- Commandline:
- --server-audit-rotate-now[={0|1}]
- Scope: Global
- Dynamic: Yes
- Data Type: boolean
- Default Value: OFF
- server_audit_file_rotate_size
- Description: When server_audit_output_type=file, it limits the size of the log file. Reaching that limit turns on the rotation - the current log file is renamed as 'file_path.1'. The empty log file is created as 'file_path' to log into it. The default value is 1000000.
- Commandline:
- --server-audit-rotate-size=#
- Scope: Global
- Dynamic: Yes
- Data Type: numeric
- Default Value:
- 1000000
- server_audit_file_rotations
Description: When server_audit_output_type=file', this specifies the number of rotations to save. If set to 0 then the log never rotates. The default value is 9.
- Commandline:
- --server-audit-rotations=#
- Scope: Global
- Dynamic: Yes
- Data Type: numeric
- Default Value:
- 9
- Range: 0 to
- 999
- server_audit_incl_users
- Description: If not empty, it contains a comma-delimited list of users whose activity will be logged. For example:
- SET GLOBAL server_audit_incl_users='user_foo, user_bar'
. CONNECT records aren't affected by this variable - they are always logged. This setting has higher priority than . So if the same user is specified both in incl_ and excl_ lists, they will still be logged.
- Commandline:
- --server-audit-incl-users=value
- Scope: Global
- Dynamic: Yes
- Data Type: string
- Default Value: Empty string
- Size limit: 1024 characters
- server_audit_loc_info
Description: Used by plugin internals. It has no useful meaning to users.
In earlier versions, users see it as a read-only variable.
In later versions, it is hidden from the user.
- Commandline: N/A
- Scope: Global
- Dynamic: No
- Data Type: string
- Default Value: Empty string
- Introduced: MariaDB 10.1.12, MariaDB 10.0.24, MariaDB 5.5.48
- Hidden: MariaDB 10.1.18, MariaDB 10.0.28, MariaDB 5.5.53
- server_audit_logging
- Description: Enables/disables the logging. Expected values are ON/OFF. For example:
- SET GLOBAL server_audit_logging=on
If the server_audit_output_type is FILE, this will actually create/open the logfile so the should be properly specified beforehand. Same about the SYSLOG-related parameters. The logging is turned off by default.
- Commandline:
- --server-audit-logging[={
- 0|1
- }]
- Scope: Global
- Dynamic: Yes
- Data Type: boolean
- Default Value: OFF
- server_audit_mode
- Description: This variable doesn't have any distinctive meaning for a user. Its value mostly reflects the server version with which the plugin was started and is intended to be used by developers for testing.
- Commandline:
- --server-audit-mode[=#]
- server_audit_output_type
Description: Specifies the desired output type. Can be SYSLOG or FILE. For example:
- SET GLOBAL server_audit_output_type=file
- file: log records will be saved into the rotating log file. The name of the file set by variable. syslog: log records will be sent to the local syslogd daemon with the standard <syslog.h> API. The default value is 'file'.
- Commandline:
- --server-audit-output-type=value
- Scope: Global
- Dynamic: Yes
- Data Type: enum
- Default Value: file
- Valid Values: SYSLOG or FILE
- server_audit_query_log_limit
Description: Limit on the length of the query string in a record.
- Commandline:
- --server-audit-query-log-limit=#
- Scope: Global
- Dynamic: Yes
- Data Type: numeric
- Default Value:
- 1024
- Range: 0 to
- 2147483647
- Introduced: MariaDB 5.5.43, MariaDB 10.0.18, MariaDB 10.1.5
- server_audit_syslog_facility
Description: SYSLOG-mode variable. It defines the 'facility' of the records that will be sent to the syslog. Later the log can be filtered by this parameter.
- Commandline:
- --server-audit-syslog-facility=value
- Scope: Global
- Dynamic: Yes
- Data Type: enum
- Default Value: LOG_USER
- Valid Values: LOG_USER, LOG_MAIL, LOG_DAEMON, LOG_AUTH, LOG_SYSLOG, LOG_LPR, LOG_NEWS, LOG_UUCP, LOG_CRON, LOG_AUTHPRIV, LOG_FTP, and LOG_LOCAL0-LOG_LOCAL7.
- server_audit_syslog_ident
Description: SYSLOG-mode variable. String value for the 'ident' part of each syslog record. Default value is 'mysql-server_auditing'. New value becomes effective only after restarting the logging.
- Commandline:
- --server-audit-syslog-ident=value
- Scope: Global
- Dynamic: Yes
- Data Type: string
- Default Value:
- MySQL-server_auditing
- server_audit_syslog_info
Description: SYSLOG-mode variable. The 'info' string to be added to the syslog records. Can be changed any time.
- Commandline:
- --server-audit-syslog-info=value
- Scope: Global
- Dynamic: Yes
- Data Type: string
- Default Value: Empty string
- server_audit_syslog_priority
- Description: SYSLOG-mode variable. Defines the priority of the log records for the syslogd.
- Commandline:
- --server-audit-syslog-priority=value
- Scope: Global
- Dynamic: Yes
- Data Type: enum
- Default Value: LOG_INFO
- Valid Values:LOG_EMERG, LOG_ALERT, LOG_CRIT, LOG_ERR, LOG_WARNING, LOG_NOTICE, LOG_INFO, LOG_DEBUG
- Options
- server_audit
Description: Controls how the server should treat the plugin when the server starts up.
- Valid values are:
- OFF - Disables the plugin without removing it from the MySQL.plugins https://mariadb.com/kb/en/mysqlplugin-table/ table.
- ON - Enables the plugin. If the plugin cannot be initialized, then the server will still continue starting up, but the plugin will be disabled.
- FORCE - Enables the plugin. If the plugin cannot be initialized, then the server will fail to start with an error.
- FORCE_PLUS_PERMANENT
- Enables the plugin. If the plugin cannot be initialized, then the server will fail to start with an error. In addition, the plugin cannot be uninstalled with UNINSTALL SONAME https://mariadb.com/kb/en/uninstall-soname/ or UNINSTALL PLUGIN https://mariadb.com/kb/en/uninstall-plugin/ while the server is running.
- See MariaDB Audit Plugin - Installation: Prohibiting Uninstallation for more information on one use case.
- See Plugin Overview: Configuring Plugin Activation at Server Startup for more information.
- Commandline: --server-audit=val
- Data Type: enumerated
- Default Value: ON
- Valid Values: OFF, ON, FORCE,
- FORCE_PLUS_PERMANENT
来源: http://www.bubuko.com/infodetail-3461491.html