Uploaded image for project: 'Percona Server for MySQL'
  1. Percona Server for MySQL
  2. PS-5707

Audit log filtering by user is not working

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Done
    • Priority: Medium
    • Resolution: Fixed
    • Affects Version/s: 5.6.39-83.1
    • Fix Version/s: 5.6.46-86.2
    • Component/s: None

      Description

      Using this configuration on PS 5.6.39:

       mysql -h 127.0.0.1 -u test_user -ptest_password -e "SHOW VARIABLES LIKE 'audit_log_%'"
      mysql: [Warning] Using a password on the command line interface can be insecure.
      +----------------------------+---------------------------------+
      | Variable_name | Value |
      +----------------------------+---------------------------------+
      | audit_log_buffer_size | 1048576 |
      | audit_log_exclude_accounts | test_user@%,test_user@localhost |
      | audit_log_exclude_commands | |
      | audit_log_file | audit.log |
      | audit_log_flush | OFF |
      | audit_log_format | JSON |
      | audit_log_handler | FILE |
      | audit_log_include_accounts | |
      | audit_log_include_commands | |
      | audit_log_policy | ALL |
      | audit_log_rotate_on_size | 0 |
      | audit_log_rotations | 0 |
      | audit_log_strategy | ASYNCHRONOUS |
      | audit_log_syslog_facility | LOG_USER |
      | audit_log_syslog_ident | percona-audit |
      | audit_log_syslog_priority | LOG_INFO |
      +----------------------------+---------------------------------+

      The queries are logged even if the user is excluded:

      {"audit_record":{"name":"Connect","record":"7397421_2019-06-13T14:02:23","timestamp":"2019-06-13T14:02:34 UTC","connection_id":"1","status":0,"user":"test_user","priv_user":"test_user","os_login":"","proxy_user":"","host":"","ip":"192.168.128.1","db":""}}
      {"audit_record":{"name":"Query","record":"7397422_2019-06-13T14:02:23","timestamp":"2019-06-13T14:02:34 UTC","command_class":"select","connection_id":"1","status":0,"sqltext":"select @@version_comment limit 1","user":"test_user[test_user] @  [192.168.128.1]","host":"","os_user":"","ip":"192.168.128.1","db":""}}
      {"audit_record":{"name":"Query","record":"7397423_2019-06-13T14:02:23","timestamp":"2019-06-13T14:02:34 UTC","command_class":"show_variables","connection_id":"1","status":0,"sqltext":"SHOW VARIABLES LIKE 'audit_log_%'","user":"test_user[test_user] @  [192.168.128.1]","host":"","os_user":"","ip":"192.168.128.1","db":""}}
      {"audit_record":{"name":"Quit","record":"7397424_2019-06-13T14:02:23","timestamp":"2019-06-13T14:02:34 UTC","connection_id":"1","status":0,"user":"test_user","priv_user":"test_user","os_login":"","proxy_user":"","host":"","ip":"192.168.128.1","db":""}}
      

      The same configuration using 5.7.25 works fine.

       

        Smart Checklist

          Attachments

            Activity

              People

              Assignee:
              kamil.holubicki Kamil Holubicki
              Reporter:
              yves@percona.com Yves Trudeau
              Votes:
              1 Vote for this issue
              Watchers:
              5 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:

                  Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - Not Specified
                  Not Specified
                  Logged:
                  Time Spent - 3 days, 26 minutes
                  3d 26m