From daed0b74c70afe2869c0afcaf2a1841c04a4cf42 Mon Sep 17 00:00:00 2001 From: Guy Lichtman Date: Wed, 11 Feb 2015 00:34:49 +0200 Subject: [PATCH] Updated Configuration (markdown) --- Configuration.md | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/Configuration.md b/Configuration.md index 8e488cb..9545421 100644 --- a/Configuration.md +++ b/Configuration.md @@ -1,6 +1,6 @@ By default, after installation the AUDIT Plugin doesn't log activity. You must explicitly enable the type of logging desired. Configuration is done through the use of MySQL system variables. AUDIT Plugin system variables can be set at server startup using options on the command line or in the MySQL option file (my.cnf at the [mysqld] section). Additionally, most AUDIT Plugin system variables can be changed dynamically while the server is running by means of the SET statement. -Available AUDIT Plugin system varaibles: +Available AUDIT Plugin system variables: * **audit_json_log_file**: json log file name. If audit_json_file option is enabled will write audit trail to this file. Value may be either an absolute path or relative to the MySQL datadir. Default value: mysql-audit.json. * **audit_json_file**: json log file Enable|Disable. @@ -15,6 +15,7 @@ Available AUDIT Plugin system varaibles: * **audit_record_objs**: Comma separated list of objects (tables) to log to the audit trail. Table name should be specified as: `database.table`. Wild cards are supported and it is possible to specify: `*.mytable` or `mydb.*`. Specify: `{}` as part of the list to include the empty set to catch also cases where an activity has no objects (for example connect and quit). * **audit_whitelist_users**: Comma separated list of white-listed users whose queries are not recorded. Specify: `{}` as part of the list to include the empty user. * **audit_whitelist_cmds**: Comma separated list of white-listed cmds whose queries are not recorded. Introduced at version 1.0.6. +* **audit_force_record_logins**: Force logging: Connect, Quit and Failed Login commands, regardless of the settings in `audit_record_cmds` and `audit_record_objs` variables. Enable|Disable. Default value: disabled. Introduced at version 1.0.8. * **audit_header_msg**: Header message logging ON|OFF. Default value: ON. Introduced at version 1.0.6. * **audit_password_masking_cmds**: Comma separated list of commands for which the password masking regex will be applied. Default value includes MySQL commands that may include a password clause: `CREATE_USER,GRANT,SET_OPTION,SLAVE_START,CREATE_SERVER,ALTER_SERVER,CHANGE_MASTER`. Introduced at version 1.0.6. * **audit_password_masking_regex**: PCRE complaint regular expression used for password masking. Regex will be applied only to statements with command type as specified at: `audit_password_masking_cmds`. Introduced at version 1.0.6. @@ -24,4 +25,4 @@ Available AUDIT Plugin system varaibles: **Notes:** * When configuring boolean variables (enable/disable) in MySQL 5.1 via a configuration file (my.cnf) use 0/1 as values. For example: `audit_json_file=1`. There seems to be an issue with MySQL 5.1 where boolean configurations with `ON/OFF` values in my.cnf don't work. -* The above list may be incomplete. To view all available AUDIT system variables run: `mysqld --help --verbose` +* The above list may be incomplete. To view all available AUDIT system variables run: `mysqld --help --verbose` \ No newline at end of file