云技术小编给大家分享一下MySQL5.6 audit审计插件如何安装,相信大部分人都还不怎么了解,因此分享这篇文章给大家参考一下,希望大家阅读完这篇文章后大有收获,下面让我们一起去了解一下吧!
audit审计插件的二进制包下载地址:
到https://bintray.com/mcafee/mysql-audit-plugin/release网站下载5.6对应的二进制包
名字为audit-plugin-mysql-5.6-1.1.2-694-linux-x86_64.zip
查看MySQL插件目录:
mysql> show global variables like ‘plugin_dir’;
+—————+——————————+
| Variable_name | Value |
+—————+——————————+
| plugin_dir | /usr/local/mysql/lib/plugin/ |
+—————+——————————+
1 row in set (0.00 sec)
mysql> quit
Bye
解压缩并cp libaudit_plugin.so到MySQL对应的插件目录:
# cd /root
# unzip audit-plugin-mysql-5.6-1.1.2-694-linux-x86_64.zip
Archive: audit-plugin-mysql-5.6-1.1.2-694-linux-x86_64.zip
creating: audit-plugin-mysql-5.6-1.1.2-694/
creating: audit-plugin-mysql-5.6-1.1.2-694/lib/
inflating: audit-plugin-mysql-5.6-1.1.2-694/lib/libaudit_plugin.so
inflating: audit-plugin-mysql-5.6-1.1.2-694/COPYING
inflating: audit-plugin-mysql-5.6-1.1.2-694/THIRDPARTY.txt
inflating: audit-plugin-mysql-5.6-1.1.2-694/README.txt
creating: audit-plugin-mysql-5.6-1.1.2-694/utils/
inflating: audit-plugin-mysql-5.6-1.1.2-694/utils/offset-extract.sh
# cd /root/audit-plugin-mysql-5.6-1.1.2-694/lib
# cp libaudit_plugin.so /usr/local/mysql/lib/plugin/
#cd /usr/local/mysql/lib/plugin/
# chmod +x libaudit_plugin.so
编辑/etc/my.cnf,添加如下内容:
plugin-load=AUDIT=libaudit_plugin.so
# service mysqld restart
Shutting down MySQL….. [ OK ]
Starting MySQL….. [ OK ]
或者用命令安装plugin:
mysql>INSTALL PLUGIN AUDIT SONAME ‘libaudit_plugin.so’;
查看安装的plugin:
mysql> show plugins;
+—————————-+———-+——————–+——————–+———+
| Name | Status | Type | Library | License |
+—————————-+———-+——————–+——————–+———+
| binlog | ACTIVE | STORAGE ENGINE | NULL | GPL |
| mysql_native_password | ACTIVE | AUTHENTICATION | NULL | GPL |
| mysql_old_password | ACTIVE | AUTHENTICATION | NULL | GPL |
| sha256_password | ACTIVE | AUTHENTICATION | NULL | GPL |
| MyISAM | ACTIVE | STORAGE ENGINE | NULL | GPL |
| MRG_MYISAM | ACTIVE | STORAGE ENGINE | NULL | GPL |
| MEMORY | ACTIVE | STORAGE ENGINE | NULL | GPL |
| CSV | ACTIVE | STORAGE ENGINE | NULL | GPL |
| BLACKHOLE | ACTIVE | STORAGE ENGINE | NULL | GPL |
| InnoDB | ACTIVE | STORAGE ENGINE | NULL | GPL |
| INNODB_TRX | ACTIVE | INFORMATION SCHEMA | NULL | GPL |
| INNODB_LOCKS | ACTIVE | INFORMATION SCHEMA | NULL | GPL |
| INNODB_LOCK_WAITS | ACTIVE | INFORMATION SCHEMA | NULL | GPL |
| INNODB_CMP | ACTIVE | INFORMATION SCHEMA | NULL | GPL |
| INNODB_CMP_RESET | ACTIVE | INFORMATION SCHEMA | NULL | GPL |
| INNODB_CMPMEM | ACTIVE | INFORMATION SCHEMA | NULL | GPL |
| INNODB_CMPMEM_RESET | ACTIVE | INFORMATION SCHEMA | NULL | GPL |
| INNODB_CMP_PER_INDEX | ACTIVE | INFORMATION SCHEMA | NULL | GPL |
| INNODB_CMP_PER_INDEX_RESET | ACTIVE | INFORMATION SCHEMA | NULL | GPL |
| INNODB_BUFFER_PAGE | ACTIVE | INFORMATION SCHEMA | NULL | GPL |
| INNODB_BUFFER_PAGE_LRU | ACTIVE | INFORMATION SCHEMA | NULL | GPL |
| INNODB_BUFFER_POOL_STATS | ACTIVE | INFORMATION SCHEMA | NULL | GPL |
| INNODB_METRICS | ACTIVE | INFORMATION SCHEMA | NULL | GPL |
| INNODB_FT_DEFAULT_STOPWORD | ACTIVE | INFORMATION SCHEMA | NULL | GPL |
| INNODB_FT_DELETED | ACTIVE | INFORMATION SCHEMA | NULL | GPL |
| INNODB_FT_BEING_DELETED | ACTIVE | INFORMATION SCHEMA | NULL | GPL |
| INNODB_FT_CONFIG | ACTIVE | INFORMATION SCHEMA | NULL | GPL |
| INNODB_FT_INDEX_CACHE | ACTIVE | INFORMATION SCHEMA | NULL | GPL |
| INNODB_FT_INDEX_TABLE | ACTIVE | INFORMATION SCHEMA | NULL | GPL |
| INNODB_SYS_TABLES | ACTIVE | INFORMATION SCHEMA | NULL | GPL |
| INNODB_SYS_TABLESTATS | ACTIVE | INFORMATION SCHEMA | NULL | GPL |
| INNODB_SYS_INDEXES | ACTIVE | INFORMATION SCHEMA | NULL | GPL |
| INNODB_SYS_COLUMNS | ACTIVE | INFORMATION SCHEMA | NULL | GPL |
| INNODB_SYS_FIELDS | ACTIVE | INFORMATION SCHEMA | NULL | GPL |
| INNODB_SYS_FOREIGN | ACTIVE | INFORMATION SCHEMA | NULL | GPL |
| INNODB_SYS_FOREIGN_COLS | ACTIVE | INFORMATION SCHEMA | NULL | GPL |
| INNODB_SYS_TABLESPACES | ACTIVE | INFORMATION SCHEMA | NULL | GPL |
| INNODB_SYS_DATAFILES | ACTIVE | INFORMATION SCHEMA | NULL | GPL |
| PERFORMANCE_SCHEMA | ACTIVE | STORAGE ENGINE | NULL | GPL |
| FEDERATED | DISABLED | STORAGE ENGINE | NULL | GPL |
| ARCHIVE | ACTIVE | STORAGE ENGINE | NULL | GPL |
| partition | ACTIVE | STORAGE ENGINE | NULL | GPL |
| AUDIT | ACTIVE | AUDIT | libaudit_plugin.so | GPL |
+—————————-+———-+——————–+——————–+———+
43 rows in set (0.00 sec)
可以看到最后一行有AUDIT libaudit_plugin.so的字样,说明安装成功.
mysql> SHOW GLOBAL VARIABLES LIKE ‘audit%’;
+———————————+———————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————+
| Variable_name | Value |
+———————————+———————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————+
| audit_before_after | after |
| audit_checksum | |
| audit_client_capabilities | OFF |
| audit_delay_cmds | |
| audit_delay_ms | 0 |
| audit_force_record_logins | OFF |
| audit_header_msg | ON |
| audit_json_file | OFF |
| audit_json_file_bufsize | 1 |
| audit_json_file_flush | OFF |
| audit_json_file_retry | 60 |
| audit_json_file_sync | 0 |
| audit_json_log_file | mysql-audit.json |
| audit_json_socket | OFF 免费主机域名 |
| audit_json_socket_name | /var/run/db-audit/mysql.audit__usr_local_mysql_data_3306 |
| audit_json_socket_retry | 10 |
| audit_offsets | |
| audit_offsets_by_version | ON |
| audit_password_masking_cmds | CREATE_USER,GRANT,SET_OPTION,SLAVE_START,CREATE_SERVER,ALTER_SERVER,CHANGE_MASTER,UPDATE |
| audit_password_masking_regex | identified(?:/*.*?*/|s)*?by(?:/*.*?*/|s)*?(?:password)?(?:/*.*?*/|s)*?[‘|”](?.*?)(?