mysql 5.7安装mariadb审计插件

官方文档：
https://mariadb.com/kb/en/mariadb-audit-plugin/
参考文档：https://segmentfault.com/a/1190000042056617

下载10.5版本的 mariadb ，再高的版本不适合5.7

 

1、下载mariadb

下载界面：
https://dlm.mariadb.com/browse/mariadb_server/101/1956/bintar-linux-x86_64/

root@servername:~# wget https://dlm.mariadb.com/3708602/MariaDB/mariadb-10.5.24/bintar-linux-x86_64/mariadb-10.5.24-linux-x86_64.tar.gz
root@servername:~# tar xvf mariadb-10.5.24-linux-x86_64.tar.gz 
root@servername:~# cp mariadb-10.5.24-linux-x86_64/lib/plugin/server_audit.so /usr/local/mysql/lib/plugin/root@servername:~# chown mysql:mysql /usr/local/mysql/lib/plugin/server_audit.so
root@servername:~# chmod 755 /usr/local/mysql/lib/plugin/server_audit.so

 

2、登录mysql:

mysql> INSTALL PLUGIN server_audit SONAME 'server_audit.so';
Query OK, 0 rows affected (0.00 sec)
mysql>  show variables like '%audit%';
+-------------------------------+-----------------------+
| Variable_name                 | Value                 |
+-------------------------------+-----------------------+
| server_audit_events           |                       |
| server_audit_excl_users       |                       |
| server_audit_file_path        | server_audit.log      |
| server_audit_file_rotate_now  | OFF                   |
| server_audit_file_rotate_size | 1000000               |
| server_audit_file_rotations   | 9                     |
| server_audit_incl_users       |                       |
| server_audit_loc_info         |                       |
| server_audit_logging          | OFF                   |
| server_audit_mode             | 1                     |
| server_audit_output_type      | file                  |
| server_audit_query_log_limit  | 1024                  |
| server_audit_syslog_facility  | LOG_USER              |
| server_audit_syslog_ident     | mysql-server_auditing |
| server_audit_syslog_info      |                       |
| server_audit_syslog_priority  | LOG_INFO              |
+-------------------------------+-----------------------+
16 rows in set (0.00 sec)

mysql> 

mysql> set global server_audit_logging=on;
Query OK, 0 rows affected (0.00 sec)

mysql> SET GLOBAL server_audit_file_rotate_now = ON;
Query OK, 0 rows affected (0.00 sec)

mysql> set global server_audit_file_rotate_size=104857600;
Query OK, 0 rows affected (0.00 sec)

mysql> set global server_audit_file_path ='/usr/local/mysql/server_audit.log';
Query OK, 0 rows affected (0.00 sec)

mysql> set global server_audit_events='connect,table,query_ddl,query_dcl,query_dml_no_select';

 

3、新开会话登录

oot@servername:/usr/local/mysql# tail -f server_audit.log 
20240307 15:52:21,servername,root,127.0.0.1,4,0,DISCONNECT,,,0
20240307 15:52:22,servername,root,127.0.0.1,5,0,CONNECT,,,0