Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-15480

Audit plugin does not respect QUERY_DML for audit plugin

    Details

    • Type: Bug
    • Status: Closed (View Workflow)
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 10.1.29
    • Fix Version/s: 10.1.34
    • Component/s: Plugin - Audit
    • Labels:
      None
    • Environment:
      Centos 7 64bit

      Description

      I have configured the Audit plugin as:

      plugin-load-add = server_audit
      server_audit_logging = ON
      server_audit_events = QUERY_DML
      server_audit_output_type = FILE
      server_audit_file_path = /path/to/audit.log
      server_audit_query_log_limit = 1048576
      server_audit_file_rotate_size = 1073741824
      server_audit_file_rotations = 1

      Based on the docs, "QUERY_DML" should mean:

      Same as QUERY, but filters only DML-type queries (DO, CALL, LOAD DATA/XML, DELETE, INSERT, UPDATE, HANDLER and REPLACE statements)

      However, in the created log file, together with expected INSERTs, UPDATEs and DELETEs, I also find all SELECTs are logged.

      Based on the description, SELECTs should not appear in the log with this config, or perhaps the description is wrong.

        Attachments

          Activity

            People

            • Assignee:
              holyfoot Alexey Botchkov
              Reporter:
              Tasso85 Matteo Tassinari
            • Votes:
              2 Vote for this issue
              Watchers:
              9 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: