Better text for ON|OFF variables.
parent
aa9af29fc9
commit
dcfccf5ed5
|
@ -3,19 +3,19 @@ By default, after installation the AUDIT Plugin doesn't log activity. You must e
|
|||
Available AUDIT Plugin system variables:
|
||||
|
||||
* **audit_json_log_file**: json log file name. If audit_json_file option is enabled will write audit trail to this file. Value may be either an absolute path or relative to the MySQL datadir. Default value: mysql-audit.json.
|
||||
* **audit_json_file**: json log file Enable|Disable.
|
||||
* **audit_json_file**: json log file ON|OFF.
|
||||
* **audit_json_file_sync**: json log file sync period. If the value of this variable is greater than 0, audit log will sync to disk after every audit_json_file_sync writes. Default value: 0.
|
||||
* **audit_json_file_flush**: Calling `set global audit_json_file_flush=on` will cause a flush of the log file (close and reopen of the log). This can be used to rotate logs similarly to how MySQL manages its log files. See: http://dev.mysql.com/doc/refman/5.5/en/log-file-maintenance.html .
|
||||
* **audit_json_socket_name**: json UNIX socket name. If audit_json_socket option is enabled will write audit trail to this UNIX socket.
|
||||
* **audit_json_socket**: json UNIX socket Enable|Disable.
|
||||
* **audit_uninstall_plugin**: AUDIT uninstall plugin Enable|Disable (command line/conf file only). If disabled attempts to uninstall the AUDIT plugin via the sql UNINSTALL command will fail. Provides added security from uninstalling the plugin. Also protection from [CVE-2010-1621](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1621) affecting versions up to 5.1.46.
|
||||
* **audit_validate_checksum**: mysqld binary checksum validation Enable|Disable. See Troubleshooting section in [[Installation]] page.
|
||||
* **audit_json_socket**: json UNIX socket ON|OFF.
|
||||
* **audit_uninstall_plugin**: AUDIT uninstall plugin ON|OFF (command line/conf file only). If disabled attempts to uninstall the AUDIT plugin via the sql UNINSTALL command will fail. Provides added security from uninstalling the plugin. Also protection from [CVE-2010-1621](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1621) affecting versions up to 5.1.46.
|
||||
* **audit_validate_checksum**: mysqld binary checksum validation ON|OFF. See Troubleshooting section in [[Installation]] page.
|
||||
* **audit_checksum**: Checksum for mysqld to validate (command line/conf file only). Used when audit_offsets are present. The plugin will not load if the specified checksum doesn't match the calculated one. This is useful when offsets have been set manually and you want to avoid using the manual offsets without validation after an upgrade of mysqld.
|
||||
* **audit_record_cmds**: Comma separated list of commands to log to the audit trail. For example: `insert,update,delete`.
|
||||
* **audit_record_objs**: Comma separated list of objects (tables) to log to the audit trail. Table name should be specified as: `database.table`. Wild cards are supported and it is possible to specify: `*.mytable` or `mydb.*`. Specify: `{}` as part of the list to include the empty set to catch also cases where an activity has no objects (for example connect and quit).
|
||||
* **audit_whitelist_users**: Comma separated list of white-listed users whose queries are not recorded. Specify: `{}` as part of the list to include the empty user.
|
||||
* **audit_whitelist_cmds**: Comma separated list of white-listed cmds whose queries are not recorded. Introduced at version 1.0.6.
|
||||
* **audit_force_record_logins**: Force logging: Connect, Quit and Failed Login commands, regardless of the settings in `audit_record_cmds` and `audit_record_objs` variables. Enable|Disable. Default value: disabled. Introduced at version 1.0.8.
|
||||
* **audit_force_record_logins**: Force logging: Connect, Quit and Failed Login commands, regardless of the settings in `audit_record_cmds` and `audit_record_objs` variables. ON|OFF. Default value: OFF. Introduced at version 1.0.8.
|
||||
* **audit_header_msg**: Header message logging ON|OFF. Default value: ON. Introduced at version 1.0.6.
|
||||
* **audit_password_masking_cmds**: Comma separated list of commands for which the password masking regex will be applied. Default value includes MySQL commands that may include a password clause: `CREATE_USER,GRANT,SET_OPTION,SLAVE_START,CREATE_SERVER,ALTER_SERVER,CHANGE_MASTER`. Introduced at version 1.0.6.
|
||||
* **audit_password_masking_regex**: PCRE complaint regular expression used for password masking. Regex will be applied only to statements with command type as specified at: `audit_password_masking_cmds`. Introduced at version 1.0.6.
|
||||
|
|
Loading…
Reference in New Issue