#修改配置文件
[mysqld]
audit_log_format=JSON
audit_log_rotate_on_size=1048576
audit_log_strategy=PERFORMANCE
audit_log_file=audit.json
audit_log_prune_second=259200
#重启mysql数据库服务
systemctl status mysqld.service
systemctl stop mysqld.service
systemctl status mysqld.service
systemctl start mysqld.service
systemctl status mysqld.service
#配置审计
set @mysql_filter='\
{\
"filter": {\
"class": [\
{\
"name": "connection",\
"event": [\
{ "name": "connect" },\
{ "name": "disconnect" }\
]\
},\
{\
"name": "general",\
"event": {\
"name": "status",\
"log": {\
"and": [\
{\
"or": [\
{"field": { "name": "general_command.str", "value": "Query" }},\
{"field": { "name": "general_command.str", "value": "Execute" }}\
]\
},\
{\
"or": [\
{"field": { "name": "general_sql_command.str", "value": "alter_db" }},\
{"field": { "name": "general_sql_command.str", "value": "create_db" }},\
{"field": { "name": "general_sql_command.str", "value": "drop_db" }},\
{"field": { "name": "general_sql_command.str", "value": "create_role" }},\
{"field": { "name": "general_sql_command.str", "value": "set_role" }},\
{"field": { "name": "general_sql_command.str", "value": "drop_role" }},\
{"field": { "name": "general_sql_command.str", "value": "create_user" }},\
{"field": { "name": "general_sql_command.str", "value": "rename_user" }},\
{"field": { "name": "general_sql_command.str", "value": "alter_user" }},\
{"field": { "name": "general_sql_command.str", "value": "drop_user" }},\
{"field": { "name": "general_sql_command.str", "value": "grant" }},\
{"field": { "name": "general_sql_command.str", "value": "grant_roles" }},\
{"field": { "name": "general_sql_command.str", "value": "revoke" }},\
{"field": { "name": "general_sql_command.str", "value": "revoke_all" }},\
{"field": { "name": "general_sql_command.str", "value": "revoke_roles" }},\
{"field": { "name": "general_sql_command.str", "value": "set_password" }},\
{"field": { "name": "general_sql_command.str", "value": "change_replication_source" }},\
{"field": { "name": "general_sql_command.str", "value": "change_repl_filter" }},\
{"field": { "name": "general_sql_command.str", "value": "slave_start" }},\
{"field": { "name": "general_sql_command.str", "value": "slave_stop" }},\
{"field": { "name": "general_sql_command.str", "value": "group_replication_start" }},\
{"field": { "name": "general_sql_command.str", "value": "group_replication_stop" }},\
{"field": { "name": "general_sql_command.str", "value": "lock_instance" }},\
{"field": { "name": "general_sql_command.str", "value": "unlock_instance" }},\
{"field": { "name": "general_sql_command.str", "value": "alter_instance" }},\
{"field": { "name": "general_sql_command.str", "value": "flush" }},\
{"field": { "name": "general_sql_command.str", "value": "set_option" }},\
{"field": { "name": "general_sql_command.str", "value": "reset" }},\
{"field": { "name": "general_sql_command.str", "value": "kill" }},\
{"field": { "name": "general_sql_command.str", "value": "shutdown" }},\
{"field": { "name": "general_sql_command.str", "value": "restart" }}\
]\
}\
]\
}\
}\
}\
]\
}\
}';
SELECT audit_log_filter_set_filter('mysql_adt',@mysql_filter);
SELECT audit_log_filter_set_user('%', 'mysql_adt');
5.3 审计策略回滚操作
#取消审计
SELECT audit_log_filter_remove_filter('mysql_adt');
#修改配置文件
[mysqld]
#audit_log_format=JSON
#audit_log_rotate_on_size=1048576
#audit_log_strategy=PERFORMANCE
#audit_log_file=audit.json
#audit_log_prune_second=259200mysql部署审计策略
原创
©著作权归作者所有:来自51CTO博客作者Zoey_Y的原创作品,请联系作者获取转载授权,否则将追究法律责任
下一篇:随笔
提问和评论都可以,用心的回复会被更多人看到
评论
发布评论
相关文章
-
提升用户体验的UUID设计策略
这篇文章讨论了唯一标识符(UUID)在应用程序中的重要性,以及如何通过一些改进来增强用户体验。
typescript 前端 后端 uuid -
Oracle数据库加固——审计策略
Oracle数据库加固——审计策略
oracle Oracle数据库 审计策略 oracle审计策略
