In environments with load balancers or proxies, the audit plugin logs only the IP address, making it difficult to differentiate individual client connections from the same IP. Add a new 'port' field to the appropriate event objects to capture the client's TCP port number. Populate the port field with thd->port in the appropriate functions. The audit plugin receives and logs this port field along with other connection information, enabling better identification of individual client connections. All new code of the whole pull request, including one or several files that are either new files or modified ones, are contributed under the BSD-new license. I am contributing on behalf of my employer Amazon Web Services, Inc.
# Test of the server_audit plugin. The two includes gate where it runs:
# not under the embedded server, and (presumably, going by the include
# name) only when the pool-of-threads connection handler is available.
--source include/not_embedded.inc
--source include/have_pool_of_threads.inc

# Skip instead of failing when the server_audit shared object is not available.
if (!$SERVER_AUDIT_SO) {
skip No SERVER_AUDIT plugin;
}

# Load the plugin under test. It is uninstalled again near the end of the script.
install plugin server_audit soname 'server_audit';
# ps2 protocol stays off until after the plugin is uninstalled.
# NOTE(review): presumably so that extra prepared-statement executions do not
# add records to the audit log that is compared at the end - confirm.
--disable_ps2_protocol
show variables like 'server_audit%';

# Clear the log path and the include-user filter, then enable file logging
# to server_audit.log. That file is printed and removed at the end of the script.
set global server_audit_file_path=null;
set global server_audit_incl_users=null;
set global server_audit_file_path='server_audit.log';
set global server_audit_output_type=file;
set global server_audit_logging=on;
# NOTE(review): fixed sleeps look like a wait for the server to settle before
# the next step. Timing-based waits can be flaky on a loaded host.
--sleep 2

# Successful login and logout as root with an empty password (a test-only account).
connect (con1,localhost,root,,mysql);
connection default;
disconnect con1;
--sleep 2
--sleep 2

# Rejected login for an account that does not exist. The socket and port in
# the client error message are replaced with fixed tokens.
# NOTE(review): an audit trail is expected to keep failed authentication
# attempts - confirm the record appears in the expected result for this test.
--replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT
--error ER_ACCESS_DENIED_ERROR
connect (con1,localhost,no_such_user,,mysql);
connection default;
--sleep 2
# User filtering. The first include list does not name root, the second does.
# NOTE(review): the statements run on the default connection, presumably as
# root, so the first create table should be filtered out and the second
# logged - confirm against the expected result, which is not on this page.
set global server_audit_incl_users='odin, dva, tri';
create table t1 (id int);
set global server_audit_incl_users='odin, root, dva, tri';
create table t2 (id int);
# An exclude list is set while the include list is still populated.
# NOTE(review): how the plugin resolves the two lists is not visible here - confirm.
set global server_audit_excl_users='odin, dva, tri';
insert into t1 values (1), (2);
select * from t1;
set global server_audit_incl_users='odin, root, dva, tri';
insert into t2 values (1), (2);
select * from t2;
alter table t1 rename renamed_t1;

# Restrict logging to the connect and query event classes.
set global server_audit_events='connect,query';
# The next statement spans several lines and carries a comment line inside
# its text. Keep it byte for byte, since the statement text is what gets logged.
select 1,
2,
# comment
3;
insert into t2 values (1), (2);
select * from t2;

# Failing statements: a missing table (run without the ps protocol) and a
# parse error (1064).
--disable_ps_protocol
--error ER_NO_SUCH_TABLE
select * from t_doesnt_exist;
--enable_ps_protocol
--error 1064
syntax_error_query;
drop table renamed_t1, t2;
show variables like 'server_audit%';
# NOTE(review): what server_audit_mode=1 changes is not shown on this page - confirm in the plugin.
set global server_audit_mode=1;
# Empty event list. NOTE(review): presumably this removes the event-class filter - confirm.
set global server_audit_events='';
create database sa_db;
--sleep 2

# Second session with test as its default schema. Table activity is issued
# from this session, first in test and then in sa_db after the use statement.
connect (con1,localhost,root,,test);
connection con1;
--sleep 2
--sleep 2
create table t1 (id2 int);
insert into t1 values (1), (2);
select * from t1;
drop table t1;
use sa_db;
create table sa_t1(id int);
insert into sa_t1 values (1), (2);
drop table sa_t1;
drop database sa_db;

# Back to the default connection and close the second session.
connection default;
disconnect con1;
--sleep 2
--sleep 2
# Statements whose text carries credentials. The password literals are
# throwaway test values and come in four shapes: single-quoted, double-quoted,
# wrapped in PASSWORD() with an embedded space, and the empty string.
# NOTE(review): presumably the purpose is that these literals must not reach
# the audit log in clear text. Verify the masking in the expected-result file,
# which is not on this page.
create database sa_db;
use sa_db;
CREATE USER u1 IDENTIFIED BY 'pwd-123';
GRANT ALL ON sa_db TO u2 IDENTIFIED BY "pwd-321";
SET PASSWORD FOR u1 = PASSWORD('pwd 098');
CREATE USER u3 IDENTIFIED BY '';
# Remove the test accounts again.
drop user u1, u2, u3;
# Event filter set to query_ddl only. The script still issues DML and plain
# selects so that the filter has something to reject.
# NOTE(review): presumably only the create and drop statements should be
# logged in this section - confirm against the expected result.
set global server_audit_events='query_ddl';
create table t1(id int);
insert into t1 values (1), (2);
select * from t1;
# The same select in four syntactic forms: bare, parenthesised, inside an
# executable comment, and after a leading comment.
select 2;
(select 2);
/*! select 2*/;
/*comment*/ select 2;
drop table t1;
# Event filter set to both query_ddl and query_dml.
# NOTE(review): whether the plain select counts as DML for this filter is
# decided by the plugin - confirm against the expected result.
set global server_audit_events='query_ddl,query_dml';
create table t1(id int);
insert into t1 values (1), (2);
select * from t1;
select 2;
drop table t1;
# Event filter set to query_dml only. The create and drop statements are
# issued as well so that the filter has DDL to reject.
set global server_audit_events='query_dml';
create table t1(id int);
insert into t1 values (1), (2);
select * from t1;
# The same select in four syntactic forms: bare, parenthesised, inside an
# executable comment, and after a leading comment.
select 2;
(select 2);
/*! select 2*/;
/*comment*/ select 2;
drop table t1;
# Event filter set to query_dcl only. DDL and DML are issued first, then
# account-management statements that carry test password literals.
# NOTE(review): presumably only the account statements are logged here and
# their password literals are masked - verify in the expected-result file.
set global server_audit_events='query_dcl';
create table t1(id int);
insert into t1 values (1), (2);
select * from t1;
CREATE USER u1 IDENTIFIED BY 'pwd-123';
GRANT ALL ON sa_db TO u2 IDENTIFIED BY "pwd-321";
# The next SET PASSWORD spans several lines with a comment line inside its
# text. Keep it byte for byte, since the statement text is what gets logged.
SET PASSWORD
# comment
FOR u1 = PASSWORD('pwd 098');
# A SET PASSWORD that does not parse (1064).
# NOTE(review): presumably checks how a failing credential statement is logged - confirm.
--error 1064
SET PASSWORD FOR u1=<secret>;
CREATE USER u3 IDENTIFIED BY '';
drop user u1, u2, u3;
# Plain selects in four syntactic forms, issued while only DCL is selected.
select 2;
(select 2);
/*! select 2*/;
/*comment*/ select 2;
drop table t1;
# Clear the event filter again.
set global server_audit_events='';
# Lower the query log limit to 15 and run two statements longer than that.
# NOTE(review): presumably the logged query text is cut at the limit - confirm
# against the expected result. A short limit also shortens what an
# investigator can later read from the log.
set global server_audit_query_log_limit= 15;
select (1), (2), (3), (4);
select 'A', 'B', 'C', 'D';
# Restore a larger limit before the remaining statements.
set global server_audit_query_log_limit= 1024;
drop database sa_db;
# Edge cases for the log path: a directory, an empty string, a single space
# and a directory that does not exist. After each change the status variable
# server_audit_current_log is printed.
set global server_audit_file_path='.';
# Replace a leading dot plus slash or backslash in the output with HOME_DIR/
# so the result does not depend on the path separator.
--replace_regex /\.[\\\/]/HOME_DIR\//
show status like 'server_audit_current_log';
set global server_audit_file_path='';
show status like 'server_audit_current_log';
set global server_audit_file_path=' ';
show status like 'server_audit_current_log';
# NOTE(review): how the plugin reacts to an unusable path (keep the old file,
# fall back, or stop logging) is not visible here - confirm, since a silent
# stop would leave a gap in the audit trail.
set global server_audit_file_path='nonexisting_dir/';
show status like 'server_audit_current_log';
show variables like 'server_audit%';
# Unload the plugin and restore the ps2 protocol that was disabled after the install.
uninstall plugin server_audit;
--enable_ps2_protocol
# The audit log is read from the server data directory.
let $MYSQLD_DATADIR= `SELECT @@datadir`;
# Replace run-dependent fields with constant values before the log is printed:
#   - the timestamp and the field after it become TIME,HOSTNAME
#   - a positive number between two commas becomes 1
#   - a remaining positive number after a comma becomes ID
#   - localhost:<digits> or localhost:unavailable becomes localhost:port
# NOTE(review): because the client port is normalised away, this test shows
# that the port is logged in host:port form but not that the logged value is
# the real client port.
--replace_regex /[0-9]* [0-9][0-9]:[0-9][0-9]:[0-9][0-9]\,[^,]*\,/TIME,HOSTNAME,/ /\,[1-9][0-9]*\,/,1,/ /\,[1-9][0-9]*/,ID/ /,localhost:([0-9]+|unavailable)/,localhost:port/
cat_file $MYSQLD_DATADIR/server_audit.log;
# Remove the log so that it does not leak into later tests.
remove_file $MYSQLD_DATADIR/server_audit.log;