[MDEV-14713] MariaDB Audit Plugin audits SET GLOBAL - Jira

XML

Word

Printable

Details

Type: Task
Status: Open (View Workflow)
Priority: Major
Resolution: Unresolved
Fix Version/s: None
Component/s: Plugin - Audit
Labels:
None

Description

The 'server_audit_events' system variable currently supports the following event types as filters:

CONNECT
QUERY
TABLE
QUERY_DDL
QUERY_DML
QUERY_DCL

I would like to request the following additional event type as a filter:

GLOBAL_VARIABLES

If this event type is selected for audit logging, then whenever the SET GLOBAL command is executed, the audit plugin should log the following information to the audit log:

The name of the system variable that is being changed.
The old value of the system variable.
The new value of the system variable.

Since the server_audit_% system variables can affect the audit logging configuration, it may be a good idea to make them special cases that are always logged, regardless of whether server_audit_events=GLOBAL_VARIABLES is set. See ~~MDEV-17456~~ for more information about a previous problem related to that.

Attachments

Issue Links

relates to

MDEV-17456 Malicious SUPER user can possibly change audit log configuration without leaving traces

Closed

MDEV-19459 Backport MDEV-17456 to server_audit plugin in 10.1

Closed

MDEV-5313 Improving audit api

Stalled

MDEV-5983 Auditing plugin v2.0

Closed

Activity

People

Assignee:: Unassigned

Reporter:: Troy Frericks

Votes:: 0 Vote for this issue

Watchers:: 6 Start watching this issue

Dates

Created:: 2017-12-19 17:56

Updated:: 2024-07-08 00:22

Git Integration

Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.