最近有发现有坏蛋delete 了数据,找不到是哪个user 哪个host,发现mysql 是可以对没有super 权限的用户开启审计功能,oracle早就
最近有发现有坏蛋delete 了数据,找不到是哪个user 哪个host,发现mysql 是可以对没有super 权限的用户开启审计功能,Oracle早就实现了,只需要打开参数即可。
1.在my.cnf [mysqld]组下加入
init-connect='insert intoaduit.accesslog(id,time,localname,matchname)values(connection_id(),now(),user(),current_user());’
#create database accesslog;
CREATE TABLE aduit.accesslog (`id` int(11) primary keyauto_increment, `time` timestamp, `localname` varchar(30), `matchname`varchar(30))engine=innodb;
2.被审计的用户需要有insert aduit.accesslog 权限
grant insert on aduit.accesslog to hhl@'172.17.62.%' identified by'xxx';
3.只能审计普通用户没有super权限的用户的DDL,DML,还用开启binlog 分析。
[root@wy ~]# mysql -upxy -p -P3306 -h 10.45.247.81
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
mysql> insert into test.t10 values(10);
Query OK, 1 row affected (0.00 sec)
#上面client 连接Processid = 11
mysql> select * from aduit.accesslog;
+----+---------------------+---------------------+-----------+
| id | time |localname | matchname |
+----+---------------------+---------------------+-----------+
| 3 | 2014-09-24 17:16:06 |admin@10.45.247.160 | admin@% |
| 10 | 2014-09-24 17:26:18 | pxy@10.45.247.160 | pxy@% |
| 11 | 2014-09-24 17:28:13 |pxy@10.45.247.160 | pxy@% |
+----+---------------------+---------------------+-----------+
Processid = 11 ,
mysql> show processlist;
+----+-----------------+---------------------+------+---------+------+------------------------+------------------+
| Id | User | Host | db | Command | Time | State | Info |
+----+-----------------+---------------------+------+---------+------+------------------------+------------------+
| 2 | root | localhost | NULL | Query | 0| NULL | showprocesslist |
| 11 | pxy | 10.45.247.160:53086 | NULL |Sleep | 26 | | NULL |
+----+-----------------+---------------------+------+---------+------+------------------------+------------------+
看到了id=11的吧,就是aduit.accesslog 表的id列。
通过解析 binlog
[root@localhost binlog]# mysqlbinlog --base64-output=decode-rows -v-v mysql-bin.000030 |grep -nthread_id=11
22:#140924 17:28:13 server id 114 end_log_pos 282 Query thread_id=11 exec_time=0 error_code=0
24:SET @@session.pseudo_thread_id=11/*!*/;
42:#140924 17:32:21 server id 114 end_log_pos 491 Query thread_id=11 exec_time=0 error_code=0
定位到模糊的行位置,再找到binlog中Processid = 11 的操作。
--------------------------------------分割线 --------------------------------------
Ubuntu 14.04下安装MySQL
《MySQL权威指南(原书第2版)》清晰中文扫描版 PDF
Ubuntu 14.04 LTS 安装 LNMP Nginx\PHP5 (PHP-FPM)\MySQL
Ubuntu 14.04下搭建MySQL主从服务器
Ubuntu 12.04 LTS 构建高可用分布式 MySQL 集群
Ubuntu 12.04下源代码安装MySQL5.6以及Python-MySQLdb
MySQL-5.5.38通用二进制安装
--------------------------------------分割线 --------------------------------------
本文永久更新链接地址:
What Are the Limitations of Using Views in MySQL?May 14, 2025 am 12:10 AMMySQLviewshavelimitations:1)Theydon'tsupportallSQLoperations,restrictingdatamanipulationthroughviewswithjoinsorsubqueries.2)Theycanimpactperformance,especiallywithcomplexqueriesorlargedatasets.3)Viewsdon'tstoredata,potentiallyleadingtooutdatedinforma
Securing Your MySQL Database: Adding Users and Granting PrivilegesMay 14, 2025 am 12:09 AMProperusermanagementinMySQLiscrucialforenhancingsecurityandensuringefficientdatabaseoperation.1)UseCREATEUSERtoaddusers,specifyingconnectionsourcewith@'localhost'or@'%'.2)GrantspecificprivilegeswithGRANT,usingleastprivilegeprincipletominimizerisks.3)
What Factors Influence the Number of Triggers I Can Use in MySQL?May 14, 2025 am 12:08 AMMySQLdoesn'timposeahardlimitontriggers,butpracticalfactorsdeterminetheireffectiveuse:1)Serverconfigurationimpactstriggermanagement;2)Complextriggersincreasesystemload;3)Largertablesslowtriggerperformance;4)Highconcurrencycancausetriggercontention;5)M
MySQL: Is it safe to store BLOB?May 14, 2025 am 12:07 AMYes,it'ssafetostoreBLOBdatainMySQL,butconsiderthesefactors:1)StorageSpace:BLOBscanconsumesignificantspace,potentiallyincreasingcostsandslowingperformance.2)Performance:LargerrowsizesduetoBLOBsmayslowdownqueries.3)BackupandRecovery:Theseprocessescanbe
MySQL: Adding a user through a PHP web interfaceMay 14, 2025 am 12:04 AMAdding MySQL users through the PHP web interface can use MySQLi extensions. The steps are as follows: 1. Connect to the MySQL database and use the MySQLi extension. 2. Create a user, use the CREATEUSER statement, and use the PASSWORD() function to encrypt the password. 3. Prevent SQL injection and use the mysqli_real_escape_string() function to process user input. 4. Assign permissions to new users and use the GRANT statement.
MySQL: BLOB and other no-sql storage, what are the differences?May 13, 2025 am 12:14 AMMySQL'sBLOBissuitableforstoringbinarydatawithinarelationaldatabase,whileNoSQLoptionslikeMongoDB,Redis,andCassandraofferflexible,scalablesolutionsforunstructureddata.BLOBissimplerbutcanslowdownperformancewithlargedata;NoSQLprovidesbetterscalabilityand
MySQL Add User: Syntax, Options, and Security Best PracticesMay 13, 2025 am 12:12 AMToaddauserinMySQL,use:CREATEUSER'username'@'host'IDENTIFIEDBY'password';Here'showtodoitsecurely:1)Choosethehostcarefullytocontrolaccess.2)SetresourcelimitswithoptionslikeMAX_QUERIES_PER_HOUR.3)Usestrong,uniquepasswords.4)EnforceSSL/TLSconnectionswith
MySQL: How to avoid String Data Types common mistakes?May 13, 2025 am 12:09 AMToavoidcommonmistakeswithstringdatatypesinMySQL,understandstringtypenuances,choosetherighttype,andmanageencodingandcollationsettingseffectively.1)UseCHARforfixed-lengthstrings,VARCHARforvariable-length,andTEXT/BLOBforlargerdata.2)Setcorrectcharacters
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
SAP NetWeaver Server Adapter for Eclipse
Integrate Eclipse with SAP NetWeaver application server.
MinGW - Minimalist GNU for Windows
This project is in the process of being migrated to osdn.net/projects/mingw, you can continue to follow us there. MinGW: A native Windows port of the GNU Compiler Collection (GCC), freely distributable import libraries and header files for building native Windows applications; includes extensions to the MSVC runtime to support C99 functionality. All MinGW software can run on 64-bit Windows platforms.
Zend Studio 13.0.1
Powerful PHP integrated development environment
ZendStudio 13.5.1 Mac
Powerful PHP integrated development environment
mPDF
mPDF is a PHP library that can generate PDF files from UTF-8 encoded HTML. The original author, Ian Back, wrote mPDF to output PDF files "on the fly" from his website and handle different languages. It is slower than original scripts like HTML2FPDF and produces larger files when using Unicode fonts, but supports CSS styles etc. and has a lot of enhancements. Supports almost all languages, including RTL (Arabic and Hebrew) and CJK (Chinese, Japanese and Korean). Supports nested block-level elements (such as P, DIV),
