Details
-
Task
-
Status: Closed
-
Critical
-
Resolution: Won't Do
-
None
Description
The set of desired features for the Auditing Plugin is big enough.
And we need to recode the existing plugin significantly to make it all work.
So v2.0
Features planned for inclusion in it:
1. filter rules defined per user/role using a system table
- this will make the parameters server_audit_events, server_audit_excl_users and server_audit_incl_users obsolete
- the default behavior without having filter rules defined will be to log all events for all users
- user should be user@host for different filtering per host
2. Propagating Auditing Settings to log files
For Auditing it is of value to know the settings an audit log is based on.
When creating a new file, current settings should be added. A new event type could be used, like AUDIT_CONFIG and can be enabled via a system variable.
In the same format currently used for the auditing rows it could look like:
20180307 22:57:20,,,,,,AUDIT_CONFIG,,'server_audit_syslog_priority=LOG_INFO',0
3. Logging for changes of auditing settings
As audit logging settings can be changed dynamically, it should be possible to log changes to the audit settings themselves, even when events like QUERY are disabled (a SET command is used). The same format could be used as above, but just reporting the new value.
4. Placeholders instead of the real values for Query Logging.
That's usually needed for security reasons. Particularly important for passwords.
5. Log rotation based on days
6. PRIVILEGES event type.
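
How an auditor could use the AUDIT_CONFIG records proposed in items 2 and 3, as an added example that is not part of the original issue or the plugin's code: it replays them to learn which settings were in force for every other row and flags a change that stops logging an event type. The field names, the function names, the sample rows and the reading of an empty server_audit_events as "log everything" are assumptions.

```python
# Assumption: names for the 10 comma-separated columns of the row shown above.
FIELDS = ("timestamp", "serverhost", "username", "host", "connectionid",
          "queryid", "operation", "database", "object", "retcode")

# Constructed sample: two header records (item 2), one change record (item 3).
SAMPLE_LOG = """\
20180307 22:57:20,,,,,,AUDIT_CONFIG,,'server_audit_events=CONNECT,QUERY',0
20180307 22:57:20,,,,,,AUDIT_CONFIG,,'server_audit_syslog_priority=LOG_INFO',0
20180307 22:58:01,db1,app,10.0.0.5,12,101,QUERY,shop,'SELECT 1, 2',0
20180307 23:10:44,,,,,,AUDIT_CONFIG,,'server_audit_events=CONNECT',0
20180307 23:11:02,db1,root,localhost,13,0,CONNECT,,,0
"""

def parse_record(line):
    """Split one row; the quoted object field may itself contain commas."""
    head = line.rstrip("\r\n").split(",", 8)
    if len(head) != 9 or "," not in head[8]:
        raise ValueError(f"not an audit row: {line!r}")
    obj, _, retcode = head[8].rpartition(",")
    if len(obj) >= 2 and obj[0] == obj[-1] == "'":
        obj = obj[1:-1]
    return dict(zip(FIELDS, head[:8] + [obj, retcode]))

def replay(lines):
    """Return (setting changes, [(record, settings in force when written)])."""
    settings, changes, annotated = {}, [], []
    for line in filter(str.strip, lines):
        rec = parse_record(line)
        if rec["operation"] != "AUDIT_CONFIG":
            annotated.append((rec, dict(settings)))
            continue
        name, sep, value = rec["object"].partition("=")
        if not sep:
            raise ValueError(f"malformed AUDIT_CONFIG: {rec['object']!r}")
        if settings.get(name, value) != value:
            changes.append((rec["timestamp"], name, settings[name], value))
        settings[name] = value
    return changes, annotated

def dropped_event_types(changes):
    """Flag server_audit_events changes that drop a type (assumes empty = log all)."""
    flagged = []
    for ts, name, old, new in changes:
        if name == "server_audit_events" and new:
            lost = set(old.split(",")) - set(new.split(",")) if old else {"*"}
            if lost:
                flagged.append((ts, sorted(lost)))
    return flagged
```

Calling `replay(SAMPLE_LOG.splitlines())` shows that the final CONNECT row was written after QUERY logging had been switched off, which is the context item 3 wants preserved in the log itself.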
Issue Links
- blocks
  - MDEV-10040 Audit plugin, Add functionality to filter per table (or object) (Closed)
- includes
  - MDEV-5245 Audit plugin reveals user lists to unprivileged users (Closed)
  - MDEV-10299 Make server_audit plugin support roles (Open)
  - MDEV-12494 Include or exclude host names from auditing (Closed)
  - MDEV-13421 Improvement for Server Audit Plugin Output on QUERY (Open)
- is blocked by
  - MDEV-5313 Improving audit api (Stalled)
- relates to
  - MDEV-5212 Role support for Audit Plugin API (Open)
  - MDEV-11109 Make server_audit_excl_users have effect on connection logging (Open)
  - MDEV-14713 MariaDB Audit Plugin audits SET GLOBAL (Open)
  - MDEV-17456 Malicious SUPER user can possibly change audit log configuration without leaving traces (Closed)
  - MDEV-19442 server_audit plugin doesn't consider proxy users in server_audit_excl_users/server_audit_incl_users (Closed)
  - MDEV-19443 server_audit plugin doesn't log proxy users (Closed)
  - MDEV-19458 server_audit plugin should log when the server starts up and when the server shuts down (Open)