Details
-
Bug
-
Status: Closed (View Workflow)
-
Major
-
Resolution: Fixed
-
10.1.29
-
None
-
Centos 7 64bit
Description
I have configured the Audit plugin as:
plugin-load-add = server_audit
server_audit_logging = ON
server_audit_events = QUERY_DML
server_audit_output_type = FILE
server_audit_file_path = /path/to/audit.log
server_audit_query_log_limit = 1048576
server_audit_file_rotate_size = 1073741824
server_audit_file_rotations = 1
Based on the docs, "QUERY_DML" should mean:
Same as QUERY, but filters only DML-type queries (DO, CALL, LOAD DATA/XML, DELETE, INSERT, UPDATE, HANDLER and REPLACE statements)
However, in the created log file, together with expected INSERTs, UPDATEs and DELETEs, I also find all SELECTs are logged.
Based on the description, SELECTs should not appear in the log with this config, or perhaps the description is wrong.
My guess is that it's documentation omission, traditionally SELECT is included into "DML" queries, even though technically it doesn't modify anything.
I'll assign it to holyfoot to confirm – if it's indeed as designed, please reassign to Ian for documentation fix, or just fix it yourself.