Al usar AWS re:Post, aceptas las AWS re:Post Términos de uso
AWS re:Postre:Post

MYSQL Audit logging for QUERY_DML (INSERT,UPDATE,DELETE) only not working - still see SELECTs

0

I've followed the instructions to enable audit logging for my MySQL 5.7 instance on RDS from these instructions

I would like to only see mutating operations: e.g.: UPDATE, INSERT, DELETE queries. Based on the above instructions, I should set the SERVER_AUDIT_EVENTS parameter in the option group to QUERY_DML. I have done this, keeping all the other default settings, my option group settings looks like this:

NameValue
SERVER_AUDIT_EVENTSQUERY_DML
SERVER_AUDIT_LOGGINGON
SERVER_AUDIT_INCL_USERS-
SERVER_AUDITFORCE_PLUS_PERMANENT
SERVER_AUDIT_FILE_ROTATIONS-
SERVER_AUDIT_QUERY_LOG_LIMIT1024
SERVER_AUDIT_FILE_PATH/rdsdbdata/log/audit/
SERVER_AUDIT_FILE_ROTATE_SIZE-
SERVER_AUDIT_EXCL_USERS-

I assigned this option group to my MySQL database and restarted. I see the audit logs but I still see SELECT statements. What did I miss to enable only DML audit logging?

Temas
Base de datos
Etiquetas
MySQL
Idioma
English
LorenzAttuned
preguntada hace 7 meses475 visualizaciones
1 Respuesta
0
Respuesta aceptada

Hello.

"QUERY_DML" is an event that includes "Select".
https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Appendix.MySQL.Options.AuditPlugin.html

QUERY_DML: Similar to the QUERY event, but returns only data manipulation language (DML) queries (INSERT, UPDATE, and so on, and also SELECT).

profile picture
EXPERTO
Riku_Kobayashi
respondido hace 7 meses
profile pictureAWS
EXPERTO
Didier_Durand
revisado hace 7 meses
  • LorenzAttuned
    hace 7 meses

    Thanks for the answer Riku! I think the documentation for the link I shared needs to be updated to include QUERY_DML_NO_SELECT :)

No has iniciado sesión. Iniciar sesión para publicar una respuesta.

Una buena respuesta responde claramente a la pregunta, proporciona comentarios constructivos y fomenta el crecimiento profesional en la persona que hace la pregunta.

Pautas para responder preguntas

Contenido relevante