Ao usar o AWS re:Post, você concorda com os AWS re:Post Termos de uso
AWS re:Postre:Post

I want to check only dml,dcl,ddl in aws rds mysql audit logs.

0

여기에 이미지 설명 입력

I am using rds mysql 8.0.32 version. (not aurora mysql) This is my current mysql rds audit log. I want to leave only Data Manipulation Language, Data Definition Language, Data Control Language, and Transaction Control Language. I don't know what the logs in the image mean. My RDS option group settings are CONNECT,QUERY_DDL,QUERY_DML,QUERY_DCL. Why do such logs remain, what does it mean, and is there a way to log only the DDL, DCL, DML, and TCL I want? I put QUERY_DML_NO_SELECT in the option group as a test, but other logs like the image are not saved, but I can't even save the Select query log that I use myself. I saw the answers to other questions and included only QUERY_DML in the option group, but the logs such as the image also remain.

Tópicos
Migração e modernizaçãoAnáliseBanco de dados
Tags
Amazon Relational Database ServiceMySQL
Idioma
English
hb
feita há 9 meses476 visualizações
1 Resposta
1
Resposta aceita

Hello.
The log is the rdsadmin operation log.
rdsadmin is a user who performs administrative operations on the AWS side.
https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/MysQL.Concepts.UsersAndPrivileges.html

If you do not want rdsadmin logs to be output, add "rdsadmin" to "SERVER_AUDIT_EXCL_USERS" in the options group.
https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Appendix.MySQL.Options.AuditPlugin.html

profile picture
ESPECIALISTA
Riku_Kobayashi
respondido há 9 meses
profile picture
ESPECIALISTA
Giovanni Lauria
avaliado há um mês
  • hb
    há 9 meses

    thank you Added "rdsadmin" to "SERVER_AUDIT_EXCL_USERS" so there are no logs related to rdsadmin. I set performance.schema to 0 in parameter group, but performance_schema log remains Is there a way to not save this log?

  • Riku_Kobayashi ESPECIALISTA
    há 9 meses

    The "performance_schema" is a static parameter and requires a restart of RDS to take effect.

  • hb
    há 9 meses

    Thanks for your answer. Tried rebooting, but SELECT st.* FROM performance_schema.events_statements_current st JOIN performance_schema.threads thr ON thr.thread_id = st.thread_id WHERE thr.processlist_id = 10',0, and 'SELECT st.* FROM performance_schema.events_stages_history_long st WHERE st . nesting_event_id = 0',0, and 'SELECT st.* FROM performance_schema.events_waits_history_long st WHERE st.nesting_event_id = 0',0,, Logs are saved. Whenever a select query is attempted, these three logs are saved together.

  • Riku_Kobayashi ESPECIALISTA
    há 9 meses

    Since it is an execution of the DML language (Select), it may not be a problem if it is left in the audit log.

  • hb
    há 9 meses

    All right. Then we will save and use the three logs together. Thank you for answer.

Você não está conectado. Fazer login para postar uma resposta.

Uma boa resposta responde claramente à pergunta, dá feedback construtivo e incentiva o crescimento profissional de quem perguntou.

Diretrizes para responder a perguntas

Conteúdo relevante