Additionally make sure JSON messages are UTF8 encoded (as this is expected by many readers), no matter for charset is used from MariaDB server side. We may have to add option like:
server_audit_output_charset
to take this into account.
Valerii Kravchuk
added a comment - - edited Additionally make sure JSON messages are UTF8 encoded (as this is expected by many readers), no matter for charset is used from MariaDB server side. We may have to add option like:
server_audit_output_charset
to take this into account.
Also, it would be helpful if current CSV-type format can be changed.
Current csv-type file format is simple, but it's still painful to parse, because
in case [operation] is QUERY, [object] (==query-string) can contain csv-delimiter chars (',').
Also you have to have special mysql/mariadb-unquote parser to parse query string to get it correctly parsed.
Nilnandan Joshi
added a comment - Also, it would be helpful if current CSV-type format can be changed.
Current csv-type file format is simple, but it's still painful to parse, because
in case [operation] is QUERY, [object] (==query-string) can contain csv-delimiter chars (',').
Also you have to have special mysql/mariadb-unquote parser to parse query string to get it correctly parsed.
Along with the request about CSV i'd propose to make formats flexible - add variables to specify the list of columns (for CSV) and keys (for the JSON) that appear in the log. Excluding the data that is not needed can save the space, and we also can provide additional information that is not shown in those Oracle/Percona's logs.
Alexey Botchkov
added a comment - - edited We have two existing JSON formats - the MySQL format and the Percona one.
https://docs.percona.com/percona-server/8.0/management/audit_log_plugin.html#audit_log_buffer_size_overflow
https://dev.mysql.com/doc/refman/8.0/en/audit-log-file-formats.html#audit-log-file-json-format
Along with the request about CSV i'd propose to make formats flexible - add variables to specify the list of columns (for CSV) and keys (for the JSON) that appear in the log. Excluding the data that is not needed can save the space, and we also can provide additional information that is not shown in those Oracle/Percona's logs.
I would be good to have a similar format as Percona server as this would allow easier usage with their PMM monitor:
Here is an example of one of their records:
{
"audit_record": {
"name": "Query",
"record": "4707_2014-08-27T10:43:52",
"timestamp": "2014-08-27T10:44:19 UTC",
"command_class": "show_databases",
"connection_id": "37",
"status": 0,
"sqltext": "show databases",
"user": "root[root] @ localhost []",
"host": "localhost",
"os_user": "",
"ip": ""
}
}
Michael Widenius
added a comment - - edited I would be good to have a similar format as Percona server as this would allow easier usage with their PMM monitor:
Here is an example of one of their records:
{
"audit_record": {
"name": "Query",
"record": "4707_2014-08-27T10:43:52",
"timestamp": "2014-08-27T10:44:19 UTC",
"command_class": "show_databases",
"connection_id": "37",
"status": 0,
"sqltext": "show databases",
"user": "root[root] @ localhost []",
"host": "localhost",
"os_user": "",
"ip": ""
}
}
New Feature
Major
Additionally make sure JSON messages are UTF8 encoded (as this is expected by many readers), no matter for charset is used from MariaDB server side. We may have to add option like:
server_audit_output_charset
to take this into account.