热门标签
热门文章
- 1MySQL 日期时间函数_mysql 周几
- 2分币不花,K哥带你白嫖海外代理 ip!_免费海外代理ip 博客
- 32024年Android最全版本控制之——Android Studio本地项目关联SVN并提交代码仓库,2024年最新百度安卓二面_studio 本地版本管理
- 4帕鲁存档跨云迁服教程_帕鲁 阿里云 存档
- 5不装了,我是搞市场的,我摊牌了
- 6调用hadoop api实现文件的上传、下载、删除、创建目录和显示功能_hadoop实现大文件上传下载
- 7iReport 使用手册(生成 PDF 表单)_ireport生成pdf文件
- 8用Python进行情感分析:揭秘社交媒体评论、产品评论和新闻文章中的情感极性_社交媒体情感分析py
- 9axios安装与使用_离线安装axios
- 10【附源码】Java计算机毕业设计高校迎新管理小程序(程序+LW+部署)_智慧校园服务平台java迎新管理代码
当前位置: article > 正文
MySQL之体系结构_mysql体系结构
作者:酷酷是懒虫 | 2024-07-06 05:53:12
赞
踩
mysql体系结构
一、 MySQL系统体系结构
1.MySQL系统体系结构
1.1 数据库
1.2 数据库实例
1.3 MySQL体系结构
1.4 逻辑存储结构
1.5 MySQL物理存储结构
二、 MySQL主要文件
1.慢查询日志
1.1 慢查询日志相关参数:
1.2 慢查询日志测试
2. 通用日志(generic_log)与审计
1.1 通用日志作用
1.2 审计插件
1.3 mcafee Audit Plugin安装
一、 MySQL系统体系结构
1.MySQL系统体系结构
1.1 数据库
- 数据库(数据库文件)是
一个或者一组二进制文件,通常来说存在与文件系统之上。
1.2 数据库实例
- 由数据库
后台进程/线程以及一个共享内存区组成 共享内存可以被运行的后台进程/线程所共享- 数据库实例才是真正用来
操作数据库文件的 - 注意:MySQL中,数据库实例和数据库是一一对应的。没有Oracle的一对多(RAC)的机制。
1.3 MySQL体系结构
-
单进程多线程结构
-
不会影响MySQL的性能,看程序如何写。(多进程程序,进程间通信开销大于多线程)
-
存储引擎的概念
- 可以理解成文件系统,例如FAT32, NTFS, EXT4。
- 一个表是一个分区,引擎就是分区的文件系统
存储引擎的对象就是表 - show tables; 可以看到每个表对应的是上面引擎(Engine)
- 除了特殊情况,我们现在就只考虑
INNODB
-
体系结构图
1.4 逻辑存储结构
- MySQL逻辑存储结构
- instance
- database
- schema
- table
- view
- 一个DB对应一个schema
- 一个DB对应一个文件夹
- 一个表对应一组文件
- |--> table1 --- | view1 |
- MySQL Instance -----> Database ----> Schema ---> |--> table2 --- | view2 |
- |--> table3 --- | View3 |
- 注意: MySQL中一个Database对应一个Schema
1.5 MySQL物理存储结构
- MySQL配置文件
- datadir
- 存储数据二进制文件的路径
- datadir
- 表结构的组成
- frm:表结构定义文件 MYI:索引文件
- MYD:数据文件 可以用hexdump -c XXX.frm查看二 进制文件(意义不大)
- show create table tablename;
- mysqlfrm (utilities工具包)
shell> mysqlfrm --diagnostic /data/mysql_data/aaa/.a.frm #可将frm文件转成create table的语句
- 错误日志文件
- log_err 建议配置成统一的名字,方便定位错误
- 慢查询日志文件
- 将运行超过某一个时间阈值的SQL语句记录到文件
- MySQL < 5.1 :以秒为单位
- MySQL >= 5.1 : 以毫秒为单位
- MySQL >= 5.5 : 可以将慢查询日志记录到表
- MySQL >= 5.6 : 以更细的粒度记录慢查询
- MySQL >= 5.7 : 增加timestamps支持
- slow_query_log_file
- 建议配置成统一的名字,用于优化查询
- 将运行超过某一个时间阈值的SQL语句记录到文件
- 通用日志作用
- 可以记录数据库所有相关操作
- 参数:general_log
- 默认文件名:机器名.log
- 同样可以将日志保存到表
- mysql.general_log
- 开启性能下降明显
二、 MySQL主要文件
1.慢查询日志
1.1 慢查询日志相关参数:
-
slow_query_log- 是否开启慢查询日志
-
slow_query_log_file- 慢查询日志文件名, 在
my.cnf我们已经定义为slow.log,默认是 机器名-slow.log
- 慢查询日志文件名, 在
-
long_query_time- 制定慢查询阈值, 单位是秒,且当版本
>=5.5.X,支持毫秒。例如0.5即为500ms 大于该值,不包括值本身。例如该值为2,则执行时间正好等于2的SQL语句不会记录
- 制定慢查询阈值, 单位是秒,且当版本
-
log_queries_not_using_indexes- 将
没有使用索引的SQL记录到慢查询日志- 如果一开始因为数据少,查表快,耗时的SQL语句没被记录,当数据量大时,该SQL可能会执行很长时间
- 需要测试阶段就要发现问题,减小上线后出现问题的概率
- 将
-
log_throttle_queries_not_using_indexes限制每分钟内,在慢查询日志中,去记录没有使用索引的SQL语句的次数;版本需要>=5.6.X- 因为没有使用索引的SQL可能会短时间重复执行,为了避免日志快速增大,限制每分钟的记录次数
-
min_examined_row_limit扫描记录少于该值的SQL不记录到慢查询日志- 结合去记录没有使用索引的SQL语句的例子,有可能存在某一个表,数据量维持在百行左右,且没有建立索引。这种表即使不建立索引,查询也很快,扫描记录很小,如果确定有这种表,则可以通过此参数设置,将这个SQL不记录到慢查询日志。
-
log_slow_admin_statements记录超时的管理操作SQL到慢查询日志,比如ALTER/ANALYZE TABLE
-
log_output- 慢查询日志的格式,[FILE | TABLE | NONE],默认是FILE;版本
>=5.5 - 如果设置为TABLE,则记录的到
mysql.slow_log
- 慢查询日志的格式,[FILE | TABLE | NONE],默认是FILE;版本
-
log_slow_slave_statements- 在从服务器上开启慢查询日志
-
log_timestamps- 写入时区信息。可根据需求记录UTC时间或者服务器本地系统时间
1.2 慢查询日志测试
-
查看慢查询记录的相关参数
- 终端A
- root@gczheng 00:01: [(none)]> select version();
- +------------+
- | version() |
- +------------+
- | 5.7.18-log |
- +------------+
- 1 row in set (0.00 sec)
-
- root@gczheng 00:02: [(none)]> show variables like "slow%";
- +---------------------+------------------------+
- | Variable_name | Value |
- +---------------------+------------------------+
- | slow_launch_time | 2 |
- | slow_query_log | ON | --slow_query_log已打开
- | slow_query_log_file | /r2/mysqldata/slow.log | --slow日志位置
- +---------------------+------------------------+
- 3 rows in set (0.01 sec)
-
- root@gczheng 00:03: [(none)]> show variables like "long_query%";
- +-----------------+----------+
- | Variable_name | Value |
- +-----------------+----------+
- | long_query_time | 1.000000 | -- my.cnf 中该值设置为2秒
- +-----------------+----------+
- 1 row in set (0.01 sec)
-
- root@gczheng 00:03: [(none)]> show variables like "min_ex%";
- +------------------------+-------+
- | Variable_name | Value |
- +------------------------+-------+
- | min_examined_row_limit | 0 | -- my.cnf中未配置,默认值为0
- +------------------------+-------+
- 1 row in set (0.00 sec)
-
-
查看慢查询日志
- 终端B
- [root@rhel7 mysqldata]# tail -f /r2/mysqldata/slow.log
- bin/mysqld, Version: 5.7.18-log (MySQL Community Server (GPL)). started with:
- Tcp port: 3306 Unix socket: /r2/mysqldata/mysql.sock
- Time Id Command Argument
-
进行模拟耗时操作
- 终端A
- root@gczheng 00:11: [(none)]> select sleep(8);
- +----------+
- | sleep(8) |
- +----------+
- | 0 |
- +----------+
- 1 row in set (8.00 sec)
-
最终产生慢查询日志
- 终端B
- [root@rhel7 mysqldata]# tail -f /r2/mysqldata/slow.log
- bin/mysqld, Version: 5.7.18-log (MySQL Community Server (GPL)). started with:
- /usr/local/mysql/bin/mysqld, Version: 5.7.18-log (MySQL Community Server (GPL)). started with:
- Tcp port: 3306 Unix socket: /r2/mysqldata/mysql.sock
- Time Id Command Argument
- # Time: 2017-11-23T00:11:20.876205+08:00
- # User@Host: root[root] @ localhost [] Id: 3
- # Query_time: 8.000251 Lock_time: 0.000000 Rows_sent: 1 Rows_examined: 0
- #这个就是min_examined_row_limit
- #设置的意义。如my.cnf中设置该值为100
- #则这条语句因为Rows_examined < 100,而不会被记录
- SET timestamp=1511367080;
- select sleep(8);
注意
如果在终端A中set global min_examined_row_limit = 100;, 然后执行select sleep(8),会发现该记录仍然被记录到慢查询日志中。原因是因为set global min_examined_row_limit设置的是全局变量,此次会话不生效。
但是我们上面
set global slow_query_log = 1;却是在线生效的,这点有所不通
- mysqldumpslow
- [root@rhel7 mysqldata]# mysqldumpslow slow.log
-
- Reading mysql slow query log from slow.log
- Count: 2 Time=15.88s (31s) Lock=0.00s (0s) Rows=1.0 (2), root[root]@localhost
- select sleep(N)
-
- Count: 1 Time=0.00s (0s) Lock=0.00s (0s) Rows=0.0 (0), 0users@0hosts
- bin/mysqld, Version: N.N.N-log (MySQL Community Server (GPL)). started with:
-
- [root@rhel7 mysqldata]# mysqldumpslow --help
- Usage: mysqldumpslow [ OPTS... ] [ LOGS... ]
-
- Parse and summarize the MySQL slow query log. Options are
-
- --verbose verbose
- --debug debug
- --help write this text to standard output
- -v verbose
- -d debug
- -s ORDER what to sort by (al, at, ar, c, l, r, t), 'at' is default
- al: average lock time
- ar: average rows sent
- at: average query time
- c: count
- l: lock time
- r: rows sent
- t: query time
- -r reverse the sort order (largest last instead of first)
- -t NUM just show the top n queries
- -a don't abstract all numbers to N and strings to 'S'
- -n NUM abstract numbers with at least n digits within names
- -g PATTERN grep: only consider stmts that include this string
- -h HOSTNAME hostname of db server for *-slow.log filename (can be wildcard),
- default is '*', i.e. match all
- -i NAME name of server instance (if using mysql.server startup script)
- -l don't subtract lock time from total time
-
如果在线上操作,不需要
mysqldumpslow去扫整个slow.log, 可以去tail -n 10000 slow.log > last_10000_slow.log(10000这个数字根据实际情况进行调整),然后进行mysqldumpslow last_10000_slow.log
- 慢查询日志存入表
- mysql> show variables like "log_output%";
- +---------------+-------+
- | Variable_name | Value |
- +---------------+-------+
- | log_output | FILE |
- +---------------+-------+
- 1 row in set (0.00 sec)
- mysql> set global log_output="table"; --设置为输出为表
- Query OK, 0 rows affected (0.00 sec)
- mysql> show variables like "log_output";
- +---------------+-------+
- | Variable_name | Value |
- +---------------+-------+
- | log_output | TABLE |
- +---------------+-------+
- 1 row in set (0.00 sec)
-
-
- mysql> show variables like "slow_query_log";
- +----------------+-------+
- | Variable_name | Value |
- +----------------+-------+
- | slow_query_log | ON |
- +----------------+-------+
- 1 row in set (0.00 sec)
-
- mysql> select sleep (11); --执行语句
- +------------+
- | sleep (11) |
- +------------+
- | 0 |
- +------------+
- 1 row in set (11.00 sec)
-
-
- mysql> select * from mysql.slow_log;
- +----------------------------+---------------------------+-----------------+-----------------+-----------+---------------+----+----------------+-----------+-----------+-------------------+-----------+
- | start_time | user_host | query_time | lock_time | rows_sent | rows_examined | db | last_insert_id | insert_id | server_id | sql_text |thread_id |
- +----------------------------+---------------------------+-----------------+-----------------+-----------+---------------+----+----------------+-----------+-----------+-------------------+-----------+
- | 2017-11-23 16:58:23.873261 | root[root] @ localhost [] | 00:00:11.000196 | 00:00:00.000000 | 1 | 0 | | 0 | 0 | 168 | select sleep (11) | 314459 |
- +----------------------------+---------------------------+-----------------+-----------------+-----------+---------------+----+----------------+-----------+-----------+-------------------+-----------+
- 1 row in set (0.00 sec)
-
- --显示表结构
- mysql> show create table mysql.slow_log \G;
- *************************** 1. row ***************************
- Table: slow_log
- Create Table: CREATE TABLE `slow_log` (
- `start_time` timestamp(6) NOT NULL DEFAULT CURRENT_TIMESTAMP(6) ON UPDATE CURRENT_TIMESTAMP(6),
- `user_host` mediumtext NOT NULL,
- `query_time` time(6) NOT NULL,
- `lock_time` time(6) NOT NULL,
- `rows_sent` int(11) NOT NULL,
- `rows_examined` int(11) NOT NULL,
- `db` varchar(512) NOT NULL,
- `last_insert_id` int(11) NOT NULL,
- `insert_id` int(11) NOT NULL,
- `server_id` int(10) unsigned NOT NULL,
- `sql_text` mediumblob NOT NULL,
- `thread_id` bigint(21) unsigned NOT NULL
- ) ENGINE=CSV DEFAULT CHARSET=utf8 COMMENT='Slow log' --ENGINE=CSV 这里使用的是CSV的引擎,性能较差
- 1 row in set (0.00 sec)
- ERROR:
- No query specified
-
-
- -- 建议将slow_log表的存储引擎改成MyISAM
- mysql> alter table mysql.slow_log engine = innodb;
- ERROR 1580 (HY000): You cannot 'ALTER' a log table if logging is enabled --无法转化为innodb引擎
-
- mysql> alter table mysql.slow_log engine = myisam;
- ERROR 1580 (HY000): You cannot 'ALTER' a log table if logging is enabled -- 提示我正在记录日志中,不能转换myisam引擎
-
- mysql> set global slow_query_log = 0; -- 先停止记录日志
- Query OK, 0 rows affected (0.01 sec)
-
- mysql> alter table mysql.slow_log engine = innodb;
- ERROR 1579 (HY000): This storage engine cannot be used for log tables --显示不支持innodb引擎
-
- mysql> alter table mysql.slow_log engine = myisam; -- 转换表的myisam引擎
- Query OK, 2 rows affected (5.05 sec)
- Records: 2 Duplicates: 0 Warnings: 0
-
- mysql> set global slow_query_log = 1; -- 再开启记录日志
- Query OK, 0 rows affected (0.00 sec)
-
- mysql> show create table mysql.slow_log;
- --表结构
- ENGINE=MyISAM DEFAULT CHARSET=utf8 COMMENT='Slow log' -- ENGINE转换成myisam引擎
使用
TABLE的优势在于方便查询,但是记住当在备份的时候,不要备份慢查询日志的表,避免备份过大。
使用FILE也可以,需要定时清除该文件,避免单文件过大。
2. 通用日志(generic_log)与审计
1.1 通用日志作用
-
当需要查找某条特定SQL语句,且该SQL语句执行较快,无法记录到slow_log中时,可以开启通用日志
generic_log,进行全面记录, 可用于审计Audit -
A终端设置开启关闭通用日志
- mysql> set global general_log=on; --开启通用日志
- Query OK, 0 rows affected (0.00 sec)
-
- mysql> show create table mysql.general_log\G --显示通用日志表结构
- *************************** 1. row ***************************
- Table: general_log
- Create Table: CREATE TABLE `general_log` (
- `event_time` timestamp(6) NOT NULL DEFAULT CURRENT_TIMESTAMP(6) ON UPDATE CURRENT_TIMESTAMP(6),
- `user_host` mediumtext NOT NULL,
- `thread_id` bigint(21) unsigned NOT NULL,
- `server_id` int(10) unsigned NOT NULL,
- `command_type` varchar(64) NOT NULL,
- `argument` mediumblob NOT NULL
- ) ENGINE=CSV DEFAULT CHARSET=utf8 COMMENT='General log'
- 1 row in set (0.00 sec)
-
- mysql> show variables like '%general_log%';
- +------------------+------------------------------------------------------+
- | Variable_name | Value |
- +------------------+------------------------------------------------------+
- | general_log | ON |
- | general_log_file | /r2/soft/dbtest/mysql-5.7.18/mysqldata/localhost.log | --日志位置
- +------------------+------------------------------------------------------+
- 2 rows in set (0.00 sec)
-
- mysql> set global general_log=off; --关闭日志
- B终端显示日志
- [root@localhost-m(252) /r2/soft/dbtest/mysql-5.7.18/mysqldata]# tail -f localhost.log
- SUM_TIMER_WRITE_LOW_PRIORITY,
- SUM_TIMER_WRITE_NORMAL,
- SUM_TIMER_WRITE_EXTERNAL
- FROM performance_schema.table_lock_waits_summary_by_table
- WHERE OBJECT_SCHEMA NOT IN ('mysql', 'performance_schema', 'information_schema')
- 2017-11-23T17:17:28.819250+08:00 315487 Quit
- 2017-11-23T17:17:29.304861+08:00 315489 Connect gcdb@192.168.48.168 on using TCP/IP
- 2017-11-23T17:17:29.305015+08:00 315489 Query select @@version_comment limit 1
- 2017-11-23T17:17:29.305307+08:00 315489 Query show global status where Variable_name in ("Com_select","Com_insert","Com_update","Com_delete","Innodb_buffer_pool_read_requests","Innodb_buffer_pool_reads","Innodb_rows_inserted","Innodb_rows_updated","Innodb_rows_deleted","Innodb_rows_read","Threads_running","Threads_connected","Threads_cached","Threads_created","Bytes_received","Bytes_sent","Innodb_buffer_pool_pages_data","Innodb_buffer_pool_pages_free","Innodb_buffer_pool_pages_dirty","Innodb_buffer_pool_pages_flushed","Innodb_data_reads","Innodb_data_writes","Innodb_data_read","Innodb_data_written","Innodb_os_log_fsyncs","Innodb_os_log_written")
- 通用日志会记录所有操作,性能下降明显。所以如果需要审计,需要
Audit Plugin
1.2 审计插件
- - MariaDB Audit 插件
- - MySQL社区版本目前没有提供Audit的功能,企业版本提供了该功能。MariaDB 提供了开源的Audit插件,且MySQL也能使用。
- - [官方注册下载插件](https://mariadb.com/my_portal/download/audit_plugin)
- - Mcaffer插件下载
- - https://bintray.com/mcafee/mysql-audit-plugin/release#files 点击Files文件
- - [audit-plugin-mysql-5.7-1.1.4-725-linux-x86_64.zip](https://bintray.com/mcafee/mysql-audit-plugin/download_file?file_path=audit-plugin-mysql-5.7-1.1.4-725-linux-x86_64.zip)
1.3 mcafee Audit Plugin安装
MySQL5.7.18 安装mcaffer audit-plugin-mysql-5.7-1.1.4-725 版本审计插件步骤如下:
- --显示插件目录
- root@gczheng 23:16: [(none)]> show global variables like 'plugin%';
- +---------------+------------------------------+
- | Variable_name | Value |
- +---------------+------------------------------+
- | plugin_dir | /usr/local/mysql/lib/plugin/ |
- +---------------+------------------------------+
- 1 row in set (0.01 sec)
-
- 安装审计插件
- --解压plugin
- [root@rhel7 software]# unzip audit-plugin-mysql-5.7-1.1.4-725-linux-x86_64.zip
- Archive: audit-plugin-mysql-5.7-1.1.4-725-linux-x86_64.zip
- creating: audit-plugin-mysql-5.7-1.1.4-725/
- creating: audit-plugin-mysql-5.7-1.1.4-725/lib/
- inflating: audit-plugin-mysql-5.7-1.1.4-725/lib/libaudit_plugin.so
- inflating: audit-plugin-mysql-5.7-1.1.4-725/COPYING
- inflating: audit-plugin-mysql-5.7-1.1.4-725/THIRDPARTY.txt
- inflating: audit-plugin-mysql-5.7-1.1.4-725/README.txt
- inflating: audit-plugin-mysql-5.7-1.1.4-725/plugin-name.txt
- creating: audit-plugin-mysql-5.7-1.1.4-725/utils/
- inflating: audit-plugin-mysql-5.7-1.1.4-725/utils/offset-extract.sh
- --拷贝到插件目录
- [root@rhel7 software]# cp audit-plugin-mysql-5.7-1.1.4-725/lib/libaudit_plugin.so /usr/local/mysql/lib/plugin/
-
- [root@rhel7 software]# cd /usr/local/mysql/lib/plugin/
- [root@rhel7 plugin]# ll libaudit_plugin.so
- -rw-r--r-- 1 root root 1542249 Nov 23 23:16 libaudit_plugin.so
-
- --mycnf添加plugin-load=AUDIT=libaudit_plugin.so
- [root@rhel7 plugin]# vim /etc/my.cnf
- [mysqld]
- ......
- plugin-load=AUDIT=libaudit_plugin.so --添加配置文件load模式,另外还有install模式:INSTALL PLUGIN AUDIT SONAME 'libaudit_plugin.so';
- ......
-
- --重启MySQL
- [root@rhel7 plugin]# service mysqld restart
- Shutting down MySQL......... SUCCESS!
- Starting MySQL........ SUCCESS!
- 测试插件
- --显示插件
- root@gczheng 23:25: [(none)]> show plugins;
- +----------------------------+----------+--------------------+--------------------+---------+
- | Name | Status | Type | Library | License |
- +----------------------------+----------+--------------------+--------------------+---------+
- | binlog | ACTIVE | STORAGE ENGINE | NULL | GPL |
- .......
-
- | ngram | ACTIVE | FTPARSER | NULL | GPL |
- | AUDIT | ACTIVE | AUDIT | libaudit_plugin.so | GPL |
- +----------------------------+----------+--------------------+--------------------+---------+
- 45 rows in set (0.00 sec)
-
- root@gczheng 23:25: [(none)]> show global status like 'AUDIT_version'; --显示审计日志版本
- +---------------+-----------+
- | Variable_name | Value |
- +---------------+-----------+
- | Audit_version | 1.1.4-725 |
- +---------------+-----------+
- 1 row in set (0.00 sec)
-
-
- root@gczheng 00:00: [(none)]> show variables like "audit%"\G; -- 查看和audit相关的参数
- *************************** 1. row ***************************
- Variable_name: audit_before_after
- Value: after
- *************************** 2. row ***************************
- Variable_name: audit_checksum
- Value:
- *************************** 3. row ***************************
- Variable_name: audit_client_capabilities
- Value: OFF
- *************************** 4. row ***************************
- Variable_name: audit_delay_cmds
- Value:
- *************************** 5. row ***************************
- Variable_name: audit_delay_ms
- Value: 0
- *************************** 6. row ***************************
- Variable_name: audit_force_record_logins
- Value: OFF
- *************************** 7. row ***************************
- Variable_name: audit_header_msg
- Value: ON
- *************************** 8. row ***************************
- Variable_name: audit_json_file
- Value: OFF
- *************************** 9. row ***************************
- Variable_name: audit_json_file_bufsize
- Value: 1
- *************************** 10. row ***************************
- Variable_name: audit_json_file_flush
- Value: OFF
- *************************** 11. row ***************************
- Variable_name: audit_json_file_retry
- Value: 60
- *************************** 12. row ***************************
- Variable_name: audit_json_file_sync
- Value: 0
- *************************** 13. row ***************************
- Variable_name: audit_json_log_file
- Value: mysql-audit.json
- *************************** 14. row ***************************
- Variable_name: audit_json_socket
- Value: OFF
- *************************** 15. row ***************************
- Variable_name: audit_json_socket_name
- Value: /var/run/db-audit/mysql.audit__r2_mysqldata_3306
- *************************** 16. row ***************************
- Variable_name: audit_json_socket_retry
- Value: 10
- *************************** 17. row ***************************
- Variable_name: audit_json_socket_write_timeout
- Value: 1000
- *************************** 18. row ***************************
- Variable_name: audit_offsets
- Value:
- *************************** 19. row ***************************
- Variable_name: audit_offsets_by_version
- Value: ON
- *************************** 20. row ***************************
- Variable_name: audit_password_masking_cmds
- Value: CREATE_USER,GRANT,SET_OPTION,SLAVE_START,CREATE_SERVER,ALTER_SERVER,CHANGE_MASTER,UPDATE
- *************************** 21. row ***************************
- Variable_name: audit_password_masking_regex
- Value: identified(?:/\*.*?\*/|\s)*?by(?:/\*.*?\*/|\s)*?(?:password)?(?:/\*.*?\*/|\s)*?['|"](?<psw>.*?)(?<!\\)['|"]|password(?:/\*.*?\*/|\s)*?\((?:/\*.*?\*/|\s)*?['|"](?<psw>.*?)(?<!\\)['|"](?:/\*.*?\*/|\s)*?\)|password(?:/\*.*?\*/|\s)*?(?:for(?:/\*.*?\*/|\s)*?\S+?)?(?:/\*.*?\*/|\s)*?=(?:/\*.*?\*/|\s)*?['|"](?<psw>.*?)(?<!\\)['|"]|password(?:/\*.*?\*/|\s)*?['|"](?<psw>.*?)(?<!\\)['|"]
- *************************** 22. row ***************************
- Variable_name: audit_record_cmds
- Value:
- *************************** 23. row ***************************
- Variable_name: audit_record_objs
- Value:
- *************************** 24. row ***************************
- Variable_name: audit_sess_connect_attrs
- Value: ON
- *************************** 25. row ***************************
- Variable_name: audit_socket_creds
- Value: ON
- *************************** 26. row ***************************
- Variable_name: audit_uninstall_plugin
- Value: OFF
- *************************** 27. row ***************************
- Variable_name: audit_validate_checksum
- Value: ON
- *************************** 28. row ***************************
- Variable_name: audit_validate_offsets_extended
- Value: ON
- *************************** 29. row ***************************
- Variable_name: audit_whitelist_cmds
- Value: BEGIN,COMMIT,PING
- *************************** 30. row ***************************
- Variable_name: audit_whitelist_users
- Value:
- 30 rows in set (0.00 sec)
- root@gczheng 00:05: [(none)]> set global audit_json_log_file='/r2/mysqldata/audit.log'; --配置审计日志路径
- Query OK, 0 rows affected (0.00 sec)
- root@gczheng 00:04: [(none)]> set global audit_json_file=ON; -- 打开审计功能
- Query OK, 0 rows affected (0.00 sec)
- root@gczheng 00:11: [(none)]> show variables like "audit_json%";
- +---------------------------------+--------------------------------------------------+
- | Variable_name | Value |
- +---------------------------------+--------------------------------------------------+
- | audit_json_file | ON |
- | audit_json_file_bufsize | 1 |
- | audit_json_file_flush | OFF |
- | audit_json_file_retry | 60 |
- | audit_json_file_sync | 0 |
- | audit_json_log_file | /r2/mysqldata/audit.log |
- | audit_json_socket | OFF |
- | audit_json_socket_name | /var/run/db-audit/mysql.audit__r2_mysqldata_3306 |
- | audit_json_socket_retry | 10 |
- | audit_json_socket_write_timeout | 1000 |
- +---------------------------------+--------------------------------------------------+
- 查看审计日志
- [root@rhel7 ~]# tailf /r2/mysqldata/audit.log
- {"msg-type":"activity","date":"1511453256465","thread-id":"26","query-id":"1562","user":"gcdb","priv_user":"gcdb","ip":"192.168.1.10","host":"192.168.1.10","connect_attrs":{"_os":"Win64","_client_name":"libmysql","_pid":"12056","_thread":"5756","_platform":"x86_64","program_name":"MySQLWorkbench","_client_version":"5.6.23"},"client_port":"14462","cmd":"show_keys","objects":[{"db":"information_schema","name":"/r2/mysqldata/#sql_10da1_0","obj_type":"TABLE"}],"query":"SHOW INDEX FROM `information_schema`.`TABLES`"}
-
- 以上仅为基本功能操作,详细的细粒度控制请参考Mcafee文档
声明:本文内容由网友自发贡献,不代表【wpsshop博客】立场,版权归原作者所有,本站不承担相应法律责任。如您发现有侵权的内容,请联系我们。转载请注明出处:https://www.wpsshop.cn/w/酷酷是懒虫/article/detail/792011
推荐阅读
相关标签
