MYSQL Audit logging for QUERY_DML (INSERT,UPDATE,DELETE) only not working - still see SELECTs

0

I've followed the instructions to enable audit logging for my MySQL 5.7 instance on RDS from these instructions.

I would like to only see mutating operations, e.g. UPDATE, INSERT, DELETE queries. Based on the above instructions, I should set the SERVER_AUDIT_EVENTS parameter in the option group to QUERY_DML. I have done this, keeping all the other default settings; my option group settings look like this:

| Name | Value |
|------|-------|
| SERVER_AUDIT_EVENTS | QUERY_DML |
| SERVER_AUDIT_LOGGING | ON |
| SERVER_AUDIT_INCL_USERS | - |
| SERVER_AUDIT | FORCE_PLUS_PERMANENT |
| SERVER_AUDIT_FILE_ROTATIONS | - |
| SERVER_AUDIT_QUERY_LOG_LIMIT | 1024 |
| SERVER_AUDIT_FILE_PATH | /rdsdbdata/log/audit/ |
| SERVER_AUDIT_FILE_ROTATE_SIZE | - |
| SERVER_AUDIT_EXCL_USERS | - |

I assigned this option group to my MySQL database and restarted. I see the audit logs but I still see SELECT statements. What did I miss to enable only DML audit logging?

asked 6 months ago, 423 views
1 Answer
0
Accepted Answer

Hello.

"QUERY_DML" is an event that includes "Select".
https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Appendix.MySQL.Options.AuditPlugin.html

QUERY_DML: Similar to the QUERY event, but returns only data manipulation language (DML) queries (INSERT, UPDATE, and so on, and also SELECT).

EXPERT
answered 6 months ago
AWS EXPERT
reviewed 6 months ago
  • Thanks for the answer Riku! I think the documentation for the link I shared needs to be updated to include QUERY_DML_NO_SELECT :)
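
An added example (not part of the original thread and not AWS code): when the audit log still contains SELECT statements, the records can be filtered after collection so that only INSERT, UPDATE and DELETE remain. It assumes the MariaDB Audit Plugin's comma-separated record layout; the function names and the sample lines are constructed for illustration.

```python
import re

# Record layout assumed here (MariaDB Audit Plugin file format):
# timestamp,serverhost,username,host,connectionid,queryid,operation,database,object,retcode
FIELDS = ("timestamp", "serverhost", "username", "host", "connectionid",
          "queryid", "operation", "database", "object", "retcode")
MUTATING = {"INSERT", "UPDATE", "DELETE"}

# Leading whitespace, /* ... */ comments and opening parentheses before the verb.
_LEADING = re.compile(r"^(?:\s+|/\*.*?\*/|\()+", re.DOTALL)


def parse_record(line):
    """Split one audit line into a dict, or return None if it is malformed."""
    head = line.rstrip("\n").split(",", 8)   # first 8 fields never hold the query
    if len(head) != 9 or "," not in head[8]:
        return None
    obj, retcode = head[8].rsplit(",", 1)    # query text may itself contain commas
    if len(obj) >= 2 and obj[0] == obj[-1] == "'":
        obj = obj[1:-1]                      # drop the enclosing single quotes
    return dict(zip(FIELDS, head[:8] + [obj, retcode]))


def statement_verb(sql):
    """Return the upper-cased first keyword of a statement, or '' if none."""
    m = re.match(r"[A-Za-z]+", _LEADING.sub("", sql))
    return m.group(0).upper() if m else ""


def mutating_records(lines):
    """Yield parsed QUERY records whose statement is INSERT, UPDATE or DELETE."""
    for line in lines:
        rec = parse_record(line)
        if rec and rec["operation"] == "QUERY" and statement_verb(rec["object"]) in MUTATING:
            yield rec


# Constructed sample lines (not taken from a real log).
SAMPLE = [
    "20240101 10:00:01,db-host,app,10.0.0.5,12,101,QUERY,shop,'SELECT id, name FROM users',0",
    "20240101 10:00:02,db-host,app,10.0.0.5,12,102,QUERY,shop,'UPDATE users SET name=\\'a\\', age=3 WHERE id=1',0",
    "20240101 10:00:03,db-host,app,10.0.0.5,12,103,QUERY,shop,'/* job */ delete from carts where id=9',0",
    "20240101 10:00:04,db-host,app,10.0.0.5,13,0,CONNECT,shop,,0",
    "truncated line",
]

if __name__ == "__main__":
    for rec in mutating_records(SAMPLE):
        print(rec["timestamp"], rec["username"], rec["object"])
```

The filter classifies by the first keyword only, so a statement that mutates data through a stored procedure call is not matched.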
