需要对用户连接数据库进行监控,以便跟踪用户行为,同时以不同的格式记录传递给另一个应用程序。
实例
shell> mysqlauditgrep --user=root --event-type=Connect \
--format=CSV /MySQL/SERVER/data/audit.log
STATUS,NAME,TIMESTAMP,CONNECTION_ID,HOST,USER,PRIV_USER,IP
0,Connect,2013-08-01T15:24:26,33,localhost,root,root,127.0.0.1
0,Connect,2013-08-01T15:24:26,34,localhost,root,root,127.0.0.1
0,Connect,2013-08-01T15:24:26,35,localhost,root,root,127.0.0.1
0,Connect,2013-08-01T15:24:26,36,localhost,root,root,127.0.0.1
0,Connect,2013-08-01T18:18:43,37,localhost,root,root,127.0.0.1
0,Connect,2013-08-01T18:49:46,38,,root,root,192.168.1.104
1045,Connect,2013-08-01T19:18:08,39,localhost,root,,127.0.0.1
--event-type 选项指定事件类型,值有:Audit, Binlog Dump, Change user, Close stmt, Out, Connect, Create DB, Daemon, Debug, Delayed, insert, Drop DB, Execute, Fetch, Field List, Init DB, Kill, Long Data, NoAudit, Ping, Prepare, Processlist, Query, Quit, Refresh, Register Slave, Reset stmt, Set option, Shutdown, Sleep, Statistics, Table Dump, Time。值不区分大小写。值有空格需要用双引号或单引号。文章源自运维生存时间-https://www.ttlsa.com/mysql/mysql-how-to-display-connect-user-info/
--user 选项指定特定用户。区分大小写的。文章源自运维生存时间-https://www.ttlsa.com/mysql/mysql-how-to-display-connect-user-info/
权限
用户需要能读取到审计日志权限。文章源自运维生存时间-https://www.ttlsa.com/mysql/mysql-how-to-display-connect-user-info/
文章源自运维生存时间-https://www.ttlsa.com/mysql/mysql-how-to-display-connect-user-info/
关于审计日志层面的管理维护操作至此结束,下面的内容转入到针对服务器层面的操作维护管理了。文章源自运维生存时间-https://www.ttlsa.com/mysql/mysql-how-to-display-connect-user-info/ 文章源自运维生存时间-https://www.ttlsa.com/mysql/mysql-how-to-display-connect-user-info/
评论