DatabaseMysql TutorialDetailed introduction to the testing of MySQL audit plug-in (mcafee and mariadb versions)Detailed introduction to the testing of MySQL audit plug-in (mcafee and mariadb versions)
Test server configuration: Dell R730; 24 cores; 64G memory; ssd disk.
Centos version: 6.4; MySQL version: Community 5.6.12; Test database size: 24G.
sysbench parameters: 64 threads, 10 tables, each table is pre-initialized with 10 million data, read and write mixed OLTP mode. Running on the same machine as mysql.
Test duration: 5 minutes/scenario.
The plug-in is not installed
OLTP test statistics: queries performed: read: 15377012 write: 4393432 other: 2196716 total: 21967160 transactions: 1098358 (3661.01 per sec.) read/write requests: 19770444 (65898.21 per sec.) other operations: 2196716 (7322.02 per sec.) ignored errors: 0 (0.00 per sec.) reconnects: 0 (0.00 per sec.)
Mcafee plug-in official website address: https://github.com/mcafee/mysql-audit/wiki
Use version: v1.0.9
Installation
INSTALL PLUGIN AUDIT SONAME 'libaudit_plugin.so';
Enable
set global audit_json_file=1;
Disable
set global audit_json_file=0;
Restart mysql
The plug-in will not be uninstalled and logging will not be enabled.
Uninstall
Directly execute UNINSTALL PLUGIN AUDIT; uninstallation will report an error: Uninstall AUDIT plugin disabled.
At the same time, it was found that Variable 'audit_uninstall_plugin' is a read only variable
You need to add audit_uninstall_plugin=1 to my.cnf and restart mysql.
After restarting, execute UNINSTALL PLUGIN AUDIT twice; to uninstall.
After the uninstallation is completed, audit_uninstall_plugin=1 needs to be deleted from my.cnf, otherwise an error will be reported next time mysql is started: [ERROR] /data/mysql/bin/mysqld: unknown variable 'audit_uninstall_plugin=1'
Log format: json
{"msg-type":"activity","date":"1484795122970","thread-id":"557","query-id":"61687115","user":"root","priv_user":"root","ip":"127.0.0.1","cmd":"select",
"objects":[{"db":"sysbench_test","name":"sbtest7","obj_type":"TABLE"}],"query":"SELECT c FROM sbtest7 WHERE id=5015211"}Only logs of successful operations will be recorded
OLTP test statistics: queries performed: read: 8376872 write: 2393392 other: 1196696 total: 11966960 transactions: 598348 (1994.38 per sec.) read/write requests: 10770264 (35898.81 per sec.) other operations: 1196696 (3988.76 per sec.) ignored errors: 0 (0.00 per sec.) reconnects: 0 (0.00 per sec.)
Mariadb plug-in official website address: https://mariadb .com/kb/en/mariadb/about-the-
Using version: 1.1.7
Install
INSTALL PLUGIN server_audit SONAME 'server_audit.so';
Enable
set global server_audit_logging=1; set global server_audit_file_rotate_size=1073741824; set global server_audit_file_rotations=4;
Disable
set global server_audit_logging=0;
Restart mysql
The plug-in will not be uninstalled and logging will not be enabled. However, all parameters will be reset, and you need to perform the required parameter configuration when you enable it again.
Uninstall
UNINSTALL PLUGIN server_audit;
Uninstalling the plug-in does not require restarting mysql.
Log format: fixed format text
20170119 10:39:19,localhost.localdomain,root,127.0.0.1,375,8330400,QUERY,sysbench_test,'SELECT c FROM sbtest5 WHERE id=5037936',0
All operations will be recorded. SQL injection can be logged.
OLTP test statistics: queries performed: read: 9098362 write: 2599532 other: 1299766 total: 12997660 transactions: 649883 (2166.16 per sec.) read/write requests: 11697894 (38990.84 per sec.) other operations: 1299766 (4332.32 per sec.) ignored errors: 0 (0.00 per sec.) reconnects: 0 (0.00 per sec.)
Summary:
mcafee’s audit plug-in:
Performance dropped by about 46%, generating log 3.0 G
Uninstalling the plug-in requires restarting mysql. The plug-in does not automatically scroll, and additional cleaning tasks need to be deployed. There is a risk of insufficient disk space due to failure of the cleaning task. It is difficult to coordinate the analysis and cleaning tasks of pulling logs to other servers, and the cleaning tasks will have a certain degree of coupling.
Mariadb audit plug-in:
The performance dropped by about 41%, generating 1864M logs.
The performance is slightly better than mcafee's plug-in. Audit logs have automatic scrolling. Easy to uninstall. In terms of compatibility, the version test of 5.6.12 is not suitable for versions 1.1.7 and above. If used, the MySQL daemon will restart mysql indefinitely. Officially, versions 1.2.0 and above must be used in MySQL 5.6.17 and above, and must be tested before use. .
Percona’s audit plug-in:
It is not adapted to versions earlier than 5.6.17 and has not been tested yet.
The above is the detailed introduction of the MySQL audit plug-in test (mcafee and mariadb versions). For more related content, please pay attention to the PHP Chinese website (www.php.cn)!
How does MySQL handle concurrency compared to other RDBMS?Apr 29, 2025 am 12:44 AMMySQLhandlesconcurrencyusingamixofrow-levelandtable-levellocking,primarilythroughInnoDB'srow-levellocking.ComparedtootherRDBMS,MySQL'sapproachisefficientformanyusecasesbutmayfacechallengeswithdeadlocksandlacksadvancedfeatureslikePostgreSQL'sSerializa
How does MySQL handle transactions compared to other relational databases?Apr 29, 2025 am 12:37 AMMySQLhandlestransactionseffectivelyusingtheInnoDBengine,supportingACIDpropertiessimilartoPostgreSQLandOracle.1)MySQLusesREPEATABLEREADasthedefaultisolationlevel,whichcanbeadjustedtoREADCOMMITTEDforhigh-trafficscenarios.2)Itoptimizesperformancewithabu
What are the data types available in MySQL?Apr 29, 2025 am 12:28 AMMySQL data types are divided into numerical, date and time, string, binary and spatial types. Selecting the correct type can optimize database performance and data storage.
What are some best practices for writing efficient SQL queries in MySQL?Apr 29, 2025 am 12:24 AMBest practices include: 1) Understanding the data structure and MySQL processing methods, 2) Appropriate indexing, 3) Avoid SELECT*, 4) Using appropriate JOIN types, 5) Use subqueries with caution, 6) Analyzing queries with EXPLAIN, 7) Consider the impact of queries on server resources, 8) Maintain the database regularly. These practices can make MySQL queries not only fast, but also maintainability, scalability and resource efficiency.
How does MySQL differ from PostgreSQL?Apr 29, 2025 am 12:23 AMMySQLisbetterforspeedandsimplicity,suitableforwebapplications;PostgreSQLexcelsincomplexdatascenarioswithrobustfeatures.MySQLisidealforquickprojectsandread-heavytasks,whilePostgreSQLispreferredforapplicationsrequiringstrictdataintegrityandadvancedSQLf
How does MySQL handle data replication?Apr 28, 2025 am 12:25 AMMySQL processes data replication through three modes: asynchronous, semi-synchronous and group replication. 1) Asynchronous replication performance is high but data may be lost. 2) Semi-synchronous replication improves data security but increases latency. 3) Group replication supports multi-master replication and failover, suitable for high availability requirements.
How can you use the EXPLAIN statement to analyze query performance?Apr 28, 2025 am 12:24 AMThe EXPLAIN statement can be used to analyze and improve SQL query performance. 1. Execute the EXPLAIN statement to view the query plan. 2. Analyze the output results, pay attention to access type, index usage and JOIN order. 3. Create or adjust indexes based on the analysis results, optimize JOIN operations, and avoid full table scanning to improve query efficiency.
How do you back up and restore a MySQL database?Apr 28, 2025 am 12:23 AMUsing mysqldump for logical backup and MySQLEnterpriseBackup for hot backup are effective ways to back up MySQL databases. 1. Use mysqldump to back up the database: mysqldump-uroot-pmydatabase>mydatabase_backup.sql. 2. Use MySQLEnterpriseBackup for hot backup: mysqlbackup--user=root-password=password--backup-dir=/path/to/backupbackup. When recovering, use the corresponding life
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
Atom editor mac version download
The most popular open source editor
Notepad++7.3.1
Easy-to-use and free code editor
Dreamweaver Mac version
Visual web development tools
Safe Exam Browser
Safe Exam Browser is a secure browser environment for taking online exams securely. This software turns any computer into a secure workstation. It controls access to any utility and prevents students from using unauthorized resources.
SecLists
SecLists is the ultimate security tester's companion. It is a collection of various types of lists that are frequently used during security assessments, all in one place. SecLists helps make security testing more efficient and productive by conveniently providing all the lists a security tester might need. List types include usernames, passwords, URLs, fuzzing payloads, sensitive data patterns, web shells, and more. The tester can simply pull this repository onto a new test machine and he will have access to every type of list he needs.
