Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-23457

CREATE / DROP PROCEDURE not logged with audit plugin

    XMLWordPrintable

Details

    Description

      The commands

      DELIMITER //
      		 
       
      		 
      CREATE PROCEDURE simpleproc (OUT param1 INT)
      		 
       BEGIN
      		 
        SELECT COUNT(*) INTO param1 FROM t;
      		 
       END;
      		 
      //
      		 
       
      		 
      DELIMITER ;
      		 
       
      		 
      DROP PROCEDURE simpleproc ;

      will not be logged with

      set global server_audit_events = "CONNECT,QUERY_DDL,QUERY_DCL";

      also not with QUERY_DML

      set global server_audit_events = "CONNECT,QUERY_DDL,QUERY_DCL,QUERY_DML";

      with adding QUERY it works.

      set global server_audit_events = "CONNECT,QUERY_DDL,QUERY_DCL,QUERY_DML,QUERY";

      In the KB CREATE / DROP PROCEDURE will not classified as DDL.

      —except CREATE/DROP [PROCEDURE / FUNCTION / USER] and RENAME USER (they're not DDL)

      [https://mariadb.com/kb/en/mariadb-audit-plugin-log-settings/|
      https://mariadb.com/kb/en/mariadb-audit-plugin-log-settings/]

      Even if this would be true, it should be logged with adding QUERY_DML at least,
      but SQL standard classify it also as DDL.

      https://www.w3schools.in/mysql/ddl-dml-dcl/#DDL

      In MariaDB and SQL standard DROP / CREATE Procedures is classified as DDL.

      Attachments

        Activity

          People

            holyfoot Alexey Botchkov
            Richard Richard Stracke
            Votes:
            1 Vote for this issue
            Watchers:
            9 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Git Integration

                Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.