[MDEV-35511] Audit log not reporting user in a Galera cluster - Jira

XML

Word

Printable

Details

Type: Bug
Status: Stalled (View Workflow)
Priority: Critical
Resolution: Unresolved
Affects Version/s: None
Fix Version/s: 10.6, 10.11, 11.4, 11.8
Component/s: Plugin - Audit
Labels:
None

Sprint:
Q4/2025 Galera Maintenance

Description

We have the audit log enabled on a Galera cluster. Queries are ran on the primary node by a user, and successfully applied to the other nodes.

The audit log on the primary node is correct, and shows the `DROP`, `CREATE`, and `QUERY` events.

However, on the other cluster nodes, the audit log only shows the `DROP` and `CREATE` events, and strips out the user.

Here are some log lines from the primary node:

20241024 04:33:08,dbclu02,admin,%,607651293,2630777699,DROP,DB_Staging,AD_Users,

20241024 04:33:08,dbclu02,admin,%,607651293,2630777699,QUERY,DB_Staging,'DROP TABLE IF EXISTS `AD_Users`',0

20241024 04:33:08,dbclu02,admin,%,607651293,2630777704,CREATE,DB_Staging,AD_Users,

20241024 04:33:08,dbclu02,admin,%,607651293,2630777704,QUERY,DB_Staging,'CREATE TABLE `AD_Users` ... (redacted)

The replica nodes only shows the `DROP` and `CREATE` entries:

20241024 04:33:08,dbclu01,,,7,492001376,DROP,DB_Staging,AD_Users,

20241024 04:33:08,dbclu01,,,13,492001381,CREATE,DB_Staging,AD_Users,

This is confusing as it is unclear where these events came from when looking at the replica nodes. At a minimum, we should add some kind of "system user" to the log so it doesn't raise any concerns.

Attachments

Activity

People

Assignee:: Seppo Jaakola

Reporter:: Will Fong

Votes:: 0 Vote for this issue

Watchers:: 12 Start watching this issue

Dates

Created:: 2024-11-27 02:09

Updated:: 2025-09-16 13:31

Git Integration

Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.