Audit in MySQL 5.5

["José C. Massón"]

Hello,

I need to audit a MySQL 5.5 server. I need to log what some users do in
the server.
Activating general log is not an option.

Any ideas?

Best regards
--
José C. Massón

gcoop - Cooperativa de Software Libre
Velasco 508 Depto A
www.gcoop.coop (+54 11) 4855-4390
Buenos Aires - Argentina

[Will Gunty]

What degree of granularity do you need?  User Statistics in the Information_Schema may be a good start.

-- 
Will Gunty
Sent with Sparrow

--
You received this message because you are subscribed to the Google Groups "Percona Discussion" group.
To post to this group, send email to percona-d...@googlegroups.com.
To unsubscribe from this group, send email to percona-discuss...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/percona-discussion?hl=en.

["José C. Massón"]

El 19/09/11 17:47, Will Gunty escribi�:

> What degree of granularity do you need? User Statistics in the
> Information_Schema may be a good start.

I need to know all the querys/commands that some users (DBAs) run in the
server.

Best regards
--
Jos� C. Mass�n

[David Juntgen]

If you wanting to do this from a mysql client, then suggest you look at http://www.percona.com/docs/wiki/percona-server:features:mysql_syslog 

On Mon, Sep 19, 2011 at 5:23 PM, "José C. Massón" <jo...@gcoop.coop> wrote:

El 19/09/11 17:47, Will Gunty escribió:

> What degree of granularity do you need?  User Statistics in the
> Information_Schema may be a good start.

I need to know all the querys/commands that some users (DBAs) run in the
server.

Best regards
--
José C. Massón

gcoop - Cooperativa de Software Libre
Velasco 508 Depto A
www.gcoop.coop (+54 11) 4855-4390
Buenos Aires - Argentina

--
You received this message because you are subscribed to the Google Groups "Percona Discussion" group.
To post to this group, send email to percona-d...@googlegroups.com.
To unsubscribe from this group, send email to percona-discuss...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/percona-discussion?hl=en.

--
David W. Juntgen

[Mark Leith]

You could create an audit log plugin:

http://dev.mysql.com/doc/refman/5.5/en/writing-audit-plugins.html

It requires a little C knowledge though..

Cheers,

Mark Leith

On 19 Sep 2011, at 22:23, "José C. Massón" <jo...@gcoop.coop> wrote:

> El 19/09/11 17:47, Will Gunty escribió:

>> What degree of granularity do you need? User Statistics in the
>> Information_Schema may be a good start.
>
> I need to know all the querys/commands that some users (DBAs) run in the
> server.
>
> Best regards
> --

> José C. Massón

>
> gcoop - Cooperativa de Software Libre
> Velasco 508 Depto A
> www.gcoop.coop (+54 11) 4855-4390
> Buenos Aires - Argentina
>

[Baron Schwartz]

Mark, José,

That's what I was thinking too. You could also base the plugin on
Anders Karlsson's:
http://karlssonondatabases.blogspot.com/2010/03/mysql-audit-plugin-api.html

And if that isn't what is needed, then you can hire Percona to make one
that fits your needs :-) It is not a difficult task, but it seems it
hasn't really been done in a generic way (not enough demand?) yet.

- Baron

[Christopher Shumake]

Hey All,

The perl file for mysqlsniff is also an option (http://northernmost.org/blog/tool-tip-mysqlsniff/).

iank has taken down his site, but, so long as you don't touch prepared statements and you find a copy of the program somewhere, you can utilize up to a core of your machine sniffing incoming packets. It's a simple program sending to STDOUT, so string together your filters with pipes and you can build what you need from it. 

You can probably find iank on freenode with that nick (http://web.archive.org/web/20081121124329/http://iank.org/contact)

I've used it before in a production environment and it's rather awesome.

-Chris Shumake

[Bill Karwin]

You could use the Percona Toolkit's pt-query-digest tool with the "--
type binlog" option, to read the MySQL binary log.

This tool also has a "--filter" option so you can search for specific
patterns, using a Perl expression you design.

See http://www.percona.com/doc/percona-toolkit/pt-query-digest.html

Regards,
Bill Karwin

On Sep 19, 1:45 pm, "José C. Massón" <j...@gcoop.coop> wrote:
> Hello,
>
> I need to audit a MySQL 5.5 server. I need to log what some users do in
> the server.
> Activating general log is not an option.
>
> Any ideas?
>
> Best regards
> --
> José C. Massón
>
> gcoop - Cooperativa de Software Libre

> Velasco 508 Depto Awww.gcoop.coop(+54 11) 4855-4390
> Buenos Aires - Argentina

[Mark Leith]

That can easily be circumvented with 'set sql_log_bin = 0;', and also doesn't audit non-DML/DDL statements (SELECT et al), when auditing DBAs, you may need to take those in to account..

Cheers,

Mark Leith

["José C. Massón"]

El 19/09/11 18:36, Baron Schwartz escribi�:
> Mark, Jos�,

>
> That's what I was thinking too. You could also base the plugin on
> Anders Karlsson's:
> http://karlssonondatabases.blogspot.com/2010/03/mysql-audit-plugin-api.html
>
> And if that isn't what is needed, then you can hire Percona to make one
> that fits your needs :-) It is not a difficult task, but it seems it
> hasn't really been done in a generic way (not enough demand?) yet.

Hello Baron,

Thank you very much!. Looks very interesting. I'll test it.

Best regards
--
Jos� C. Mass�n

gcoop - Cooperativa de Software Libre