github
/
mysql-audit
mirror of https://github.com/mcafee-enterprise/mysql-audit
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Updated Configuration (markdown)

master
aharonrobbins 2016-12-07 10:23:09 +02:00
parent 803dc75d86
commit 81a959be9c
1 changed files with 9 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
Configuration.md

@ -14,14 +14,16 @@ Available AUDIT Plugin system variables:
* **audit_record_cmds**: Comma separated list of commands to log to the audit trail. For example: `insert,update,delete`. * **audit_record_cmds**: Comma separated list of commands to log to the audit trail. For example: `insert,update,delete`.
* **audit_record_objs**: Comma separated list of objects (tables) to log to the audit trail. Table name should be specified as: `database.table`. Wild cards are supported and it is possible to specify: `*.mytable` or `mydb.*`. Specify: `{}` as part of the list to include the empty set to catch also cases where an activity has no objects (for example connect and quit). * **audit_record_objs**: Comma separated list of objects (tables) to log to the audit trail. Table name should be specified as: `database.table`. Wild cards are supported and it is possible to specify: `*.mytable` or `mydb.*`. Specify: `{}` as part of the list to include the empty set to catch also cases where an activity has no objects (for example connect and quit).
* **audit_whitelist_users**: Comma separated list of white-listed users whose queries are not recorded. Specify: `{}` as part of the list to include the empty user. * **audit_whitelist_users**: Comma separated list of white-listed users whose queries are not recorded. Specify: `{}` as part of the list to include the empty user.
* **audit_whitelist_cmds**: Comma separated list of white-listed cmds whose queries are not recorded. Introduced at version 1.0.6. * **audit_whitelist_cmds**: Comma separated list of white-listed cmds whose queries are not recorded. Introduced in version 1.0.6.
* **audit_force_record_logins**: Force logging: Connect, Quit and Failed Login commands, regardless of the settings in `audit_record_cmds` and `audit_record_objs` variables. ON|OFF. Default value: OFF. Introduced at version 1.0.8. * **audit_force_record_logins**: Force logging: Connect, Quit and Failed Login commands, regardless of the settings in `audit_record_cmds` and `audit_record_objs` variables. ON|OFF. Default value: OFF. Introduced in version 1.0.8.
* **audit_header_msg**: Header message logging ON|OFF. Default value: ON. Introduced at version 1.0.6. * **audit_header_msg**: Header message logging ON|OFF. Default value: ON. Introduced in version 1.0.6.
* **audit_password_masking_cmds**: Comma separated list of commands for which the password masking regex will be applied. Default value includes MySQL commands that may include a password clause: `CREATE_USER,GRANT,SET_OPTION,SLAVE_START,CREATE_SERVER,ALTER_SERVER,CHANGE_MASTER`. Introduced at version 1.0.6. * **audit_password_masking_cmds**: Comma separated list of commands for which the password masking regex will be applied. Default value includes MySQL commands that may include a password clause: `CREATE_USER,GRANT,SET_OPTION,SLAVE_START,CREATE_SERVER,ALTER_SERVER,CHANGE_MASTER`. Introduced in version 1.0.6.
* **audit_password_masking_regex**: PCRE compliant regular expression used for password masking. Regex will be applied only to statements with command type as specified at: `audit_password_masking_cmds`. Introduced at version 1.0.6. * **audit_password_masking_regex**: PCRE compliant regular expression used for password masking. Regex will be applied only to statements with command type as specified at: `audit_password_masking_cmds`. Introduced at version 1.0.6.
* **audit_json_file_retry**: json log file retry interval. If the plugin fails to open/write to the json log file, will retry to open every specified interval in seconds. Set for 0 to disable retrying. Defaults to 60 seconds. Introduced at version 1.0.6. * **audit_json_file_retry**: json log file retry interval. If the plugin fails to open/write to the json log file, will retry to open every specified interval in seconds. Set for 0 to disable retrying. Defaults to 60 seconds. Introduced in version 1.0.6.
* **audit_json_socket_retry**: json socket retry interval. If the plugin fails to connect/write to the json audit socket, will retry to connect every specified interval in seconds. Set for 0 to disable retrying. Defaults to 10 seconds. Introduced at version 1.0.6. * **audit_json_socket_retry**: json socket retry interval. If the plugin fails to connect/write to the json audit socket, will retry to connect every specified interval in seconds. Set for 0 to disable retrying. Defaults to 10 seconds. Introduced in version 1.0.6.
* **audit_json_file_bufsize**: json file buffer size in bytes used for logging. Value of 0 means default size, value of 1 means no buffering. Max value: 262144 (256KB). A larger value may improve performance when logging large statements (log entries larger than 4KB). Defaults to 0. If changed during run-time need, to perform a flush for the new value to take affect. Introduced in version 1.0.8. * **audit_json_file_bufsize**: json file buffer size in bytes used for logging. Value of 0 means default size, value of 1 means no buffering. Max value: 262144 (256KB). A larger value may improve performance when logging large statements (log entries larger than 4KB). Defaults to 0. If changed during run-time need, to perform a flush for the new value to take affect. Default is ON. Introduced in version 1.0.8.
* **audit_client_capabilities**: If enabled, the plugin sends the value of client capabilities bit map as an unsigned 64-bit value. Introduced in version 1.1.1.
* **audit_sess_connect_attrs**: If enabled, the plugin sends session connection attributes. Default is ON. Currently supported only on MySQL 5.6 and 5.7. Introduced in version 1.1.1
**Notes:** **Notes:**