mysql添加mcafee 审计插件
插件源码地址
https://github.com/mcafee/mysql-audit
插件安装方法
https://github.com/mcafee/mysql-audit/wiki/Installation
插件下载地址
https://bintray.com/mcafee/mysql-audit-plugin/release/1.0.9-585
1、查看mysql插件存放目录
mysql> SHOW GLOBAL VARIABLES LIKE 'plugin_dir';
+---------------+-----------------------------------+
| Variable_name | Value |
+---------------+-----------------------------------+
| plugin_dir | /usr/local/mysql/lib/plugin/ |
+---------------+-----------------------------------+
1 row in set (0.01 sec)
2、复制libaudit_plugin.so 至 mysql插件目录
mv libaudit_plugin.so /usr/local/mysql/lib/plugin/
chmod a+x /usr/local/mysql/lib/plugin/*
chown mysql:mysql /usr/local/mysql/lib/plugin/*
3、安装插件
初使使用在线安装,但是安装失败
mysql> INSTALL PLUGIN AUDIT SONAME 'libaudit_plugin.so';
ERROR 1524 (HY000): Plugin 'AUDIT' is not loaded
然后使用修改配置,然后重启数据库,官方推荐使用修改配置方式安装。
Note: On production systems, McAfee recommends using the plugin-load option for installing the audit plugin.
修改my.cnf文件,添加加载审计插件代码
plugin-load=AUDIT=libaudit_plugin.so
audit_json_file=on
audit_force_record_logins=on
audit_json_file_sync=1
重启数据库
/etc/init.d/mysql.server restart
4、查看插件状态
mysql> show plugins;
+----------------------------+----------+--------------------+--------------------+---------+
| Name | Status | Type | Library | License |
+----------------------------+----------+--------------------+--------------------+---------+
| binlog | ACTIVE | STORAGE ENGINE | NULL | GPL |
| mysql_native_password | ACTIVE | AUTHENTICATION | NULL | GPL |
| mysql_old_password | ACTIVE | AUTHENTICATION | NULL | GPL |
| sha256_password | ACTIVE | AUTHENTICATION | NULL | GPL |
| MEMORY | ACTIVE | STORAGE ENGINE | NULL | GPL |
| CSV | ACTIVE | STORAGE ENGINE | NULL | GPL |
| MRG_MYISAM | ACTIVE | STORAGE ENGINE | NULL | GPL |
| MyISAM | ACTIVE | STORAGE ENGINE | NULL | GPL |
| FEDERATED | DISABLED | STORAGE ENGINE | NULL | GPL |
| PERFORMANCE_SCHEMA | ACTIVE | STORAGE ENGINE | NULL | GPL |
| BLACKHOLE | ACTIVE | STORAGE ENGINE | NULL | GPL |
| InnoDB | ACTIVE | STORAGE ENGINE | NULL | GPL |
| INNODB_TRX | ACTIVE | INFORMATION SCHEMA | NULL | GPL |
| INNODB_LOCKS | ACTIVE | INFORMATION SCHEMA | NULL | GPL |
| INNODB_LOCK_WAITS | ACTIVE | INFORMATION SCHEMA | NULL | GPL |
| INNODB_CMP | ACTIVE | INFORMATION SCHEMA | NULL | GPL |
| INNODB_CMP_RESET | ACTIVE | INFORMATION SCHEMA | NULL | GPL |
| INNODB_CMPMEM | ACTIVE | INFORMATION SCHEMA | NULL | GPL |
| INNODB_CMPMEM_RESET | ACTIVE | INFORMATION SCHEMA | NULL | GPL |
| INNODB_CMP_PER_INDEX | ACTIVE | INFORMATION SCHEMA | NULL | GPL |
| INNODB_CMP_PER_INDEX_RESET | ACTIVE | INFORMATION SCHEMA | NULL | GPL |
| INNODB_BUFFER_PAGE | ACTIVE | INFORMATION SCHEMA | NULL | GPL |
| INNODB_BUFFER_PAGE_LRU | ACTIVE | INFORMATION SCHEMA | NULL | GPL |
| INNODB_BUFFER_POOL_STATS | ACTIVE | INFORMATION SCHEMA | NULL | GPL |
| INNODB_METRICS | ACTIVE | INFORMATION SCHEMA | NULL | GPL |
| INNODB_FT_DEFAULT_STOPWORD | ACTIVE | INFORMATION SCHEMA | NULL | GPL |
| INNODB_FT_DELETED | ACTIVE | INFORMATION SCHEMA | NULL | GPL |
| INNODB_FT_BEING_DELETED | ACTIVE | INFORMATION SCHEMA | NULL | GPL |
| INNODB_FT_CONFIG | ACTIVE | INFORMATION SCHEMA | NULL | GPL |
| INNODB_FT_INDEX_CACHE | ACTIVE | INFORMATION SCHEMA | NULL | GPL |
| INNODB_FT_INDEX_TABLE | ACTIVE | INFORMATION SCHEMA | NULL | GPL |
| INNODB_SYS_TABLES | ACTIVE | INFORMATION SCHEMA | NULL | GPL |
| INNODB_SYS_TABLESTATS | ACTIVE | INFORMATION SCHEMA | NULL | GPL |
| INNODB_SYS_INDEXES | ACTIVE | INFORMATION SCHEMA | NULL | GPL |
| INNODB_SYS_COLUMNS | ACTIVE | INFORMATION SCHEMA | NULL | GPL |
| INNODB_SYS_FIELDS | ACTIVE | INFORMATION SCHEMA | NULL | GPL |
| INNODB_SYS_FOREIGN | ACTIVE | INFORMATION SCHEMA | NULL | GPL |
| INNODB_SYS_FOREIGN_COLS | ACTIVE | INFORMATION SCHEMA | NULL | GPL |
| INNODB_SYS_TABLESPACES | ACTIVE | INFORMATION SCHEMA | NULL | GPL |
| INNODB_SYS_DATAFILES | ACTIVE | INFORMATION SCHEMA | NULL | GPL |
| ARCHIVE | ACTIVE | STORAGE ENGINE | NULL | GPL |
| partition | ACTIVE | STORAGE ENGINE | NULL | GPL |
| AUDIT | ACTIVE | AUDIT | libaudit_plugin.so | GPL |
+----------------------------+----------+--------------------+--------------------+---------+
43 rows in set (0.00 sec)
5、查看插件的配置参数
mysql> show global VARIABLES like '%audit%';
+---------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Variable_name | Value |
+---------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| audit_checksum | |
| audit_delay_cmds | |
| audit_delay_ms | 0 |
| audit_force_record_logins | ON |
| audit_header_msg | ON |
| audit_json_file | ON |
| audit_json_file_bufsize | 1 |
| audit_json_file_flush | OFF |
| audit_json_file_retry | 60 |
| audit_json_file_sync | 1 |
| audit_json_log_file | mysql-audit.json |
| audit_json_socket | OFF |
| audit_json_socket_name | /tmp/mysql.audit__data_mysql_3306_datadir_mysqldata_3306 |
| audit_json_socket_retry | 10 |
| audit_offsets | |
| audit_offsets_by_version | ON |
| audit_password_masking_cmds | CREATE_USER,GRANT,SET_OPTION,SLAVE_START,CREATE_SERVER,ALTER_SERVER,CHANGE_MASTER |
| audit_password_masking_regex | identified(?:/\*.*?\*/|\s)*?by(?:/\*.*?\*/|\s)*?(?:password)?(?:/\*.*?\*/|\s)*?['|"](?<psw>.*?)(?<!\\)['|"]|password(?:/\*.*?\*/|\s)*?\((?:/\*.*?\*/|\s)*?['|"](?<psw>.*?)(?<!\\)['|"](?:/\*.*?\*/|\s)*?\)|password(?:/\*.*?\*/|\s)*?(?:for(?:/\*.*?\*/|\s)*?\S+?)?(?:/\*.*?\*/|\s)*?=(?:/\*.*?\*/|\s)*?['|"](?<psw>.*?)(?<!\\)['|"]|password(?:/\*.*?\*/|\s)*?['|"](?<psw>.*?)(?<!\\)['|"] |
| audit_record_cmds | |
| audit_record_objs | |
| audit_uninstall_plugin | OFF |
| audit_validate_checksum | ON |
| audit_validate_offsets_extended | ON |
| audit_whitelist_cmds | BEGIN,COMMIT |
| audit_whitelist_users | |
+---------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
25 rows in set (0.01 sec)
6、验证审计
[root@VM_166_132 mysqldata]# tailf /data/mysql/mysql-audit.json
{"msg-type":"activity","date":"1480659848340","thread-id":"4","query-id":"12","user":"root","priv_user":"root","host":"","ip":"127.0.0.1","cmd":"show_variables","objects":[{"db":"information_schema","name":"/tmp/#sql_6a75_0","obj_type":"TABLE"}],"query":"SHOW GLOBAL VARIABLES LIKE 'plugin_dir'"}
{"msg-type":"activity","date":"1480659883722","thread-id":"4","query-id":"13","user":"root","priv_user":"root","host":"","ip":"127.0.0.1","cmd":"show_plugins","objects":[{"db":"information_schema","name":"/tmp/#sql_6a75_0","obj_type":"TABLE"}],"query":"show plugins"}
7、关闭审计
mysql> set GLOBAL audit_json_file=off ;
Query OK, 0 rows affected (0.01 sec)
8、禁用插件
mysql> UNINSTALL PLUGIN AUDIT;
ERROR 1148 (42000): Uninstall AUDIT plugin disabled
在线禁用失败,采取修改配置文件,重启方式修改。
mysql添加mcafee 审计插件的更多相关文章
- mysql审计插件
Audit Plugin安装使用 原文: https://www.cnblogs.com/waynechou/p/mysql_audit.html#_label0 #有卸载方法 下载地址: htt ...
- MySQL Percona server 5.5 安装审计插件
近期,公司要求对MySQL 数据库上操作进行审计:通过了解MySQL 官方企业版(付费版)本中集成了audit_log审计插件,但是社区开源版本中并不包含该插件,也没提供下载.进一步了解 MariaD ...
- 干货 | MySQL数据库安全之审计
干货 | MySQL数据库安全之审计 原创: 李勇 京东云开发者社区 今天 每家公司都希望业务高速增长,最好能出几个爆款产品或者爆款业务,从而带动公司营收高速攀升.但站在数据库管理员的角度,这却是实 ...
- roundcute 添加修改密码插件
添加修改密码插件 现打开main.inc.php 文件,搜索“$rcmail_config['plugins']”,找到: // List of active plugins (in plugins/ ...
- mysql-cacti-templates-1.1.2.tar.gz 免费下载 cacti MySQL添加监控
cacti MySQL添加监控 1. 安装监控插件 wget http://mysql-cacti-templates.googlecode.com/files/mysql-cacti-templat ...
- docker-compose 修改zabbix images 添加微信报警插件 时间同步 中文乱码 添加grafana美化zabbix
我们先来看一下我们要修改得 zabbix.yaml github https://github.com/bboysoulcn/awesome-dockercompose ve ...
- Cordova - 使用Cordova开发iOS应用实战3(添加Cordova控制台插件)
Cordova - 使用Cordova开发iOS应用实战3(添加Cordova控制台插件) 前文介绍了通过 Safari 的 Web检查器,可以看到控制台输出的信息.但有时这样调试代码不太方便,如果在 ...
- ubuntu下mysql添加用户的问题
在ubuntu下使用命令: $:sudo apt-get install mysql-server 命令安装的Mysql 版本为:Server version: 5.7.13-0ubuntu0.16. ...
- MySQL添加字段和删除字段
MySQL添加字段应该如何实现呢?这是很多刚刚接触MySQL数据库的新人都提到过的问题,下面就为您介绍MySQL添加字段和删除字段的方法,希望对您能有所启迪. MySQL添加字段: alter tab ...
随机推荐
- 删除指定表的所有索引,包括主键索引,唯一索引和普通索引 ,适用于sql server 2005,
原文:删除指定表的所有索引,包括主键索引,唯一索引和普通索引 ,适用于sql server 2005, --删除指定表中所有索引 --用法:declare @tableName varchar(100 ...
- HttpRuntime详解分析
HttpRuntime详解分析(上) 文章内容 从上章文章都知道,asp.net是运行在HttpRuntime里的,但是从CLR如何进入HttpRuntime的,可能大家都不太清晰.本章节就是通过深入 ...
- bootstrap错误警告信息提示
bootstrap提供了成功执行.警告和错误信息的样式. 在使用该功能的时候需要引入以下几个文件: bootstrap.css jquery.js(需放在bootstrap.js之前) bootstr ...
- MVC 5 - 查询Details和Delete方法
MVC 5 - 查询Details和Delete方法 在这部分教程中,接下来我们将讨论自动生成的Details和Delete方法. 查询Details和Delete方法 打开Movie控制器并查看De ...
- 飘逸的python - 命令行漂亮的显示json数据
之前做的一个脚本把信息用json格式存到文本中.这样的好处是简便,易编辑,并且拥有强大的表达能力. 不过从文本cat出来的是一堆很难看的字符串,没换行和缩进.这时候就在想,如果有个类似于IDE的格式化 ...
- C#事件与委托的区别
C#事件与委托的区别 1. 委托 事件是利用委托来定义的,因此先解释委托.委托是一个类,它与其他类如int,string等没有本质区别,int代表的是所有的整形,而string代表的是字符串,委托则代 ...
- 2 MySQL安装
目录: 1. mysql安装简介2. 下载AppServ3. 安装AppServ4. 使用phpmyadmin连接MySQL5. 使用MySQL Command Line Client 连接MySQL ...
- Java学习笔记——JDBC之PreparedStatement类中“预编译”的综合应用
预编译 SQL 语句被预编译并存储在 PreparedStatement 对象中.然后可以使用此对象多次高效地执行该语句. 预编译的优点 1.PreparedStatement是预编译的,对于批量处理 ...
- ASP.NET MVC实现剪切板功能
前言 关于复制粘贴的功能,好像不用劳师动众的写后端代码,JS就可以,但正如大家所知道的,兼容性问题,当然这么通用的功能怎么可能没有一个通用的方案呢,于是便找到了一款jquery插件 jquery.cl ...
- MySQLdb/mysql-python安装时EnvironmentError: mysql_config not found
代码:root@vpser:~# cd MySQL-python-1.2.3root@vpser:~/MySQL-python-1.2.3# python setup.py install sh: m ...