Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-23457

CREATE / DROP PROCEDURE not logged with audit plugin

    XMLWordPrintable

    Details

      Description

      The commands

      DELIMITER //
       
      CREATE PROCEDURE simpleproc (OUT param1 INT)
       BEGIN
        SELECT COUNT(*) INTO param1 FROM t;
       END;
      //
       
      DELIMITER ;
       
      DROP PROCEDURE simpleproc ;
      

      will not be logged with

      set global server_audit_events = "CONNECT,QUERY_DDL,QUERY_DCL";

      also not with QUERY_DML

      set global server_audit_events = "CONNECT,QUERY_DDL,QUERY_DCL,QUERY_DML";

      with adding QUERY it works.

      set global server_audit_events = "CONNECT,QUERY_DDL,QUERY_DCL,QUERY_DML,QUERY";

      In the KB CREATE / DROP PROCEDURE will not classified as DDL.

      —except CREATE/DROP [PROCEDURE / FUNCTION / USER] and RENAME USER (they're not DDL)
      

      [https://mariadb.com/kb/en/mariadb-audit-plugin-log-settings/|
      https://mariadb.com/kb/en/mariadb-audit-plugin-log-settings/]

      Even if this would be true, it should be logged with adding QUERY_DML at least,
      but SQL standard classify it also as DDL.

      https://www.w3schools.in/mysql/ddl-dml-dcl/#DDL

      In MariaDB and SQL standard DROP / CREATE Procedures is classified as DDL.

        Attachments

          Activity

            People

            Assignee:
            holyfoot Alexey Botchkov
            Reporter:
            Richard Richard Stracke
            Votes:
            1 Vote for this issue
            Watchers:
            9 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:

                Git Integration