Tcpdump MySQL Query
在MySQL线上环境我们一般只打开了binary log,slow log,有时我们需要查看general log呢?因为该log记录所有的请求,打开该日志肯定给磁盘造成很大压力,IO能力有所下降,所以该日志线上一般不打开的,这就到tcpdump闪亮登场了。
tcpdump用法也不算复杂,输出就比较复杂了,如果非常熟悉TCP/IP协议,那么输出对于你来说就是小kiss啦。我们这里只关心MySQL的Query,所以输出还是非常简单,就是日常的查询语句。
1.安装
一般系统都自带了tcpdump命令,没有该命令的采用如下方式安装:
[root@yayun-mysql-server ~]# yum install tcpdump -y
2.简单使用(shell结合perl过滤查询)
[root@yayun-mysql-server ~]# cat query.sh
#!/bin/bash tcpdump -i any -s -l -w - dst port | strings | perl -e '
while(<>) { chomp; next if /^[^ ]+[ ]*$/;
if(/^(SELECT|UPDATE|DELETE|INSERT|SET|COMMIT|ROLLBACK|CREATE|DROP|ALTER|CALL)/i)
{
if (defined $q) { print "$q\n"; }
$q=$_;
} else {
$_ =~ s/^[ \t]+//; $q.=" $_";
}
}'
[root@yayun-mysql-server ~]#
关于各个参数说明请阅读文章最后给的链接。
执行上面脚本,在另外一个窗口执行查询,我使用了sysbench进行压力测试,最后抓取到的结果如下:
tcpdump: listening on any, link-type LINUX_SLL (Linux cooked), capture size bytes
{ @ H{ @ H` @ ?h 'f$ ?h ;f$ ?h Of$ ?h cf$ ?h wf$ ?h" f$ ?h# f% ?h# f% H| @ Lg @ ?h+ f% <X _ ?h/ f% ?h/ f% Ha @ #d +/ #d ?/ #d S/ #d g/ #d {/ Hh @ H} @ <e _ L| @ Hb @ ?h? f& ?hM f' ?hN f' ?hZ f( #d3 / H @ Hi @ <x _ <x _ H~ @ Hc @ H} @ S 5 r ,) r @) r T) r h) r v) r! ) ?h~ f+ r+ ) N9 O f+#: f+#: #dM / Lj @ Hd @ #d_ / SHOW TABLE STATUS LIKE 'sbtest'
SELECT c from sbtest where id=?
SELECT c from sbtest where id between ? and ?
SELECT SUM(K) from sbtest where id between ? and ?
SELECT c from sbtest where id between ? and ? order by c
SELECT DISTINCT c from sbtest where id between ? and ? order by c
UPDATE sbtest set k=k+ where id=?
UPDATE sbtest set c=? where id=?
DELETE from sbtest where id=?
INSERT INTO sbtest values(?,,' ','aaaaaaaaaaffffffffffrrrrrrrrrreeeeeeeeeeyyyyyyyyyy')
SELECT c from sbtest where id=?
SELECT c from sbtest where id between ? and ?
SELECT SUM(K) from sbtest where id between ? and ?
SELECT c from sbtest where id between ? and ? order by c
SELECT DISTINCT c from sbtest where id between ? and ? order by c
UPDATE sbtest set k=k+ where id=?
UPDATE sbtest set c=? where id=?
DELETE from sbtest where id=?
INSERT INTO sbtest values(?,,' ','aaaaaaaaaaffffffffffrrrrrrrrrreeeeeeeeeeyyyyyyyyyy')
SELECT c from sbtest where id=?
SELECT c from sbtest where id between ? and ?
SELECT SUM(K) from sbtest where id between ? and ?
SELECT c from sbtest where id between ? and ? order by c
SELECT DISTINCT c from sbtest where id between ? and ? order by c
UPDATE sbtest set k=k+ where id=?
UPDATE sbtest set c=? where id=?
DELETE from sbtest where id=?
INSERT INTO sbtest values(?,,' ','aaaaaaaaaaffffffffffrrrrrrrrrreeeeeeeeeeyyyyyyyyyy')
SELECT c from sbtest where id=?
SELECT c from sbtest where id between ? and ?
SELECT SUM(K) from sbtest where id between ? and ?
SELECT c from sbtest where id between ? and ? order by c
SELECT DISTINCT c from sbtest where id between ? and ? order by c
UPDATE sbtest set k=k+ where id=?
UPDATE sbtest set c=? where id=?
DELETE from sbtest where id=?
其实还有更简单的方法,那就是使用tcpflow
安装tcpflow
[root@yayun-mysql-server ~]# yum install tcpflow -y
抓取数据的命令如下:
[root@yayun-mysql-server ~]# tcpflow -c -p -i any dst port | grep -i -E "select|insert|update|delete|replace" | sed 's%\(.*\)\([.]\{4\}\)\(.*\)%\3%'
输出结果和tcpdump结果是一样的。
tcpflow[]: listening on any
SELECT c from sbtest where id=?
SELECT c from sbtest where id between ? and ?
SELECT SUM(K) from sbtest where id between ? and ?
SELECT c from sbtest where id between ? and ? order by c
SELECT DISTINCT c from sbtest where id between ? and ? order by c
UPDATE sbtest set k=k+ where id=?
UPDATE sbtest set c=? where id=?
DELETE from sbtest where id=?
INSERT INTO sbtest values(?,,' ','aaaaaaaaaaffffffffffrrrrrrrrrreeeeeeeeeeyyyyyyyyyy')
SELECT c from sbtest where id=?
SELECT c from sbtest where id between ? and ?
SELECT SUM(K) from sbtest where id between ? and ?
SELECT c from sbtest where id between ? and ? order by c
SELECT DISTINCT c from sbtest where id between ? and ? order by c
UPDATE sbtest set k=k+ where id=?
UPDATE sbtest set c=? where id=?
DELETE from sbtest where id=?
INSERT INTO sbtest values(?,,' ','aaaaaaaaaaffffffffffrrrrrrrrrreeeeeeeeeeyyyyyyyyyy')
SELECT c from sbtest where id=?
SELECT c from sbtest where id between ? and ?
SELECT SUM(K) from sbtest where id between ? and ?
SELECT c from sbtest where id between ? and ? order by c
SELECT DISTINCT c from sbtest where id between ? and ? order by c
最后说说pt-query-digest,这工具包含在percona-toolkit,在分析慢查询方面是非常的好使,具体的用法大家自己前往官网查阅。
我们通过tcpdump抓包以后,通过--type tcpdump选项来分析一下,简单的用法如下:
[root@yayun-mysql-server ~]# tcpdump -s -x -nn -q -tttt -i any -c port > mysql.tcp.txt
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on any, link-type LINUX_SLL (Linux cooked), capture size bytes
packets captured
packets received by filter
packets dropped by kernel
[root@yayun-mysql-server ~]#
然后使用pt-query-digest工具来进行分析一下,用法也比较简单
[root@yayun-mysql-server ~]# pt-query-digest --type tcpdump mysql.tcp.txt # 340ms user time, 50ms system time, 24.38M rss, 205.10M vsz
# Current date: Thu Jun ::
# Hostname: yayun-mysql-server
# Files: mysql.tcp.txt
# Overall: total, unique, 115.61 QPS, .02x concurrency _____________
# Time range: -- ::11.127883 to ::11.300885
# Attribute total min max avg % stddev median
# ============ ======= ======= ======= ======= ======= ======= =======
# Exec time 3ms 51us 862us 171us 568us 191us 84us
# Rows affecte
# Query size
# Warning coun # Profile
# Rank Query ID Response time Calls R/Call V/M Item
# ==== ================== ============= ===== ====== ===== =====
# 0x85FFF5AA78E5FF6A 0.0034 100.0% 0.0002 0.00 BEGIN # Query : 115.61 QPS, .02x concurrency, ID 0x85FFF5AA78E5FF6A at byte
# This item is included in the report because it matches --limit.
# Scores: V/M = 0.00
# Time range: -- ::11.127883 to ::11.300885
# Attribute pct total min max avg % stddev median
# ============ === ======= ======= ======= ======= ======= ======= =======
# Count
# Exec time 3ms 51us 862us 171us 568us 191us 84us
# Rows affecte
# Query size
# Warning coun
# String:
# Hosts 192.168.1.20
# Query_time distribution
# 1us
# 10us ################################################################
# 100us ####################################################
# 1ms
# 10ms
# 100ms
# 1s
# 10s+
BEGIN\G
[root@yayun-mysql-server ~]#
如果系统历史比较久,我们想知道哪些账号在连接数据库的话,可以使用下面的命令,非常简单方便哦。
tcpdump -s -x -nn -q -tttt -i any -c port | pt-query-digest --limit=% --type tcpdump | perl -lne 'BEGIN{$/=""};1 while(/Hosts\s+((?:\d{1,3}\.){3}\d{1,3})[\s\S]+?Users\s+(\w+)(?{$h->{"$2\@$1"}++})/mg);END{print $_ for keys %$h}'
参考资料:
http://www.megalinux.net/using-tcpdump-for-mysql-query-logging/
http://www.xfocus.net/articles/200105/172.html
http://www.mysqlperformanceblog.com/2008/11/07/poor-mans-query-logging/
http://www.percona.com/doc/percona-toolkit/2.2/pt-query-digest.html
Tcpdump MySQL Query的更多相关文章
- tcpdump 学习(3):MySQL Query
在MySQL线上环境我们一般只打开了binary log,slow log,有时我们需要查看general log呢?因为该log记录所有的请求,打开该日志肯定给磁盘造成很大压力,IO能力有所下降,所 ...
- Discuz! X3搬家后UCenter出现UCenter info: MySQL Query Error解决方案
Discuz! X3 X2.5论坛搬家后 登录UCenter出现报错:UCenter info: MySQL Query ErrorSQL:SELECT value FROM [Table]vars ...
- MySQL Query Profile
MySQL Query Profiler, 可以查询到此 SQL 语句会执行多少, 并看出 CPU/Memory 使用量, 执行过程 System lock, Table lock 花多少时间等等.从 ...
- Linux下安装MySQL管理工具MySQL Administrator和MySQL Query Browser(转载)
文章来源:http://blog.csdn.net/sunrier/article/details/7572299 Linux下MySQL Administrator和MySQL Query Brow ...
- MySQL Query Cache 相关的问题
最近经常有人问我 MySQL Query Cache 相关的问题,就整理一点 MySQL Query Cache 的内容,以供参考. 顾名思义,MySQL Query Cache 就是用来缓存和 Qu ...
- Mysql query log
一.查询日志的概念: 查询日志记录MySQL中所有的query,通过"--log[=file_name]"来打开该功能.由于记录了所有的query,包括所有的select,体积比较 ...
- MySql Query Cache 优化
query cache原理 当mysql接收到一条select类型的query时,mysql会对这条query进行hash计算而得到一个hash值,然后通过该hash值到query cache中去匹配 ...
- 【原创】3. MYSQL++ Query类型与SQL语句执行过程(非template与SSQLS版本)
我们可以通过使用mysqlpp:: Query来进行SQL语句的增删改查. 首先来看一下mysqlpp::Query的一些最简单的调用, conn.connect(mysqlpp::examples: ...
- mysql query insert中文乱码
mysql新建的表的charset都是utf8的. 在phpmyadmin里直接敲sql,中文可以insert进去的,但是在php代码里mysql_query同样的sql语句就是不行,保存到表里是乱码 ...
随机推荐
- volatile内存语义
全面理解Java内存模型(JMM)及volatile关键字 volatile的内存语义 Volatile读写所建立的happens-before关系Volatile读写的内存语义 锁: 获取和释放Vo ...
- C# 验证给定的字符串形式的日期是否合法
用于验证日期的有效性,对于用户输入的不规则日期也作了简单处理,比如用户输入了“今天”,则代码会认为用户要返回的是今天的日期,另外可以对纯数字的日期进行解析,比如:20130906 /// <su ...
- [IR] Huffman Coding
为了保证:Block中,所有的叶子在所有的中间结点的前面.Static: Huffman coding Dynamic: Adaptive Huffman 一些概念 压缩指标 • Compress a ...
- Tetrahedron based light probe interpolation(基于四面体的Light Probe插值)
在当前的游戏引擎中,使用Light Probe来计算全局环境光对于动态物体的影响是一种很主流的方法.在预处理阶段生成完场景的Light Probe之后,传统的方法采用查找最近的8个相邻的Probe然后 ...
- sscanf的字符串格式化用法
sscanf()为C语言标准库函数,用于从指定字符串中读入与指定格式相符的数据.函数原型声明在stdio.h头文件中: int sscanf(const char *str, const char * ...
- Maven & Gradle 如何从中央仓库下载Jar包
https://mvnrepository.com/ maven 中央仓库 gradle可以轻松的完成Android项目对第三方jar包文件的依赖下载,再也不需要我们手动下载jar包,然后拷贝到 ...
- linux命令学习(3):ls命令
ls命令是linux下最常用的命令.ls命令就是list的缩写,缺省下ls用来打印出当前目录的清单.如果ls指定其他目录,那么就会显示指定 目录里的文件及文件夹清单. 通过ls 命令不仅可以查看lin ...
- win10 远程出现身份验证错误 要求的函数不受支持
win10的一个更新的bug 解决方案 http://note.youdao.com/noteshare?id=68aa9de9fbf46c50a097b3ccf7994580&sub=5AF ...
- redis数据持久化的两种方式
1,AOF AOF持久化以日志的形式记录服务器所处理的每一个写.删除操作,查询操作不会记录,以文本的方式append记录,可以打开文件看到详细的操作记录.(相同数量的数据集而言,AOF文件通常要大于R ...
- GIAC深圳站 | 2018年不可错过的全球互联网架构大会!
2018年6月1~2日,GIAC 全球互联网架构大会将于深圳华侨城洲际酒店举行!GIAC全球互联网架构大会是由msup和高可用架构技术社区联合举办的面向架构师.技术负责人及高端技术从业人员的技术架构大 ...