Audit Log events do not report default DB
Affects | Status | Importance | Assigned to | Milestone | ||
---|---|---|---|---|---|---|
Percona Server moved to https://jira.percona.com/projects/PS | Status tracked in 5.7 | |||||
5.5 |
Won't Fix
|
Wishlist
|
Unassigned | |||
5.6 |
Fix Released
|
Wishlist
|
Sergei Glushchenko | |||
5.7 |
Fix Released
|
Wishlist
|
Sergei Glushchenko |
Bug Description
The DML events logged via PS audit log plugin do not identify the schema that the event occurred against.
JSON
{"audit_
OLD
<AUDIT_RECORD
NAME="Query"
RECORD=
TIMESTAMP=
COMMAND_
CONNECTION_ID="2"
STATUS="0"
SQLTEXT="update ai_test set id = 10 where id =1"
USER="root[root] @ localhost []"
HOST="localhost"
OS_USER=""
IP=""
/>
Whilst this is possibly a hangover from upstream compatibility, there could be confusion where multiple schemas have the same tables names. Resolution of where events were executed may become difficult and the audit trail untrusted.
Proposal to add "DB" field to the event.
Also note that both McAfee and MariaDB include the default schema that the event was executed against;
MariaDB (CSV Format) ricky.mysqlboy. com,root, localhost, 131,22226336, QUERY,test, 'select count(*) from rooms',0
^ :"activity" , :"1425967153721 ", user":" root", :"localhost" , :[{"db" :"test" ,"name" :"people" ,"obj_type" :"TABLE" }], :"select * from people"}
20150323 00:22:11,
McAfee (JSON Format)
{"msg-type"
"date"
"thread-id":"2",
"query-id":"17",
"user":"root",
"priv_
"host"
"ip":"",
"cmd":"select",
"objects"
"query"