Question

We have several MySQL 5.0 databases.

We've been having security problems, like records being modified without authorization.

We need to implement some kind of audit on DML operations identifying users that perform UPDATE or DELETE operations on some critical tables.

I have been googling for any my.conf options that would activate this kind of audit, to no avail.

Solution

The least disruptive method would be to use the general query log. The query log output can be a database table or a log (text) file; however, it does not support filtering by DML operation or database, so all SELECT statements on all databases will be logged as well. Obviously you can filter the logging output later.

Also note:

The session sql_log_off variable can be set to ON or OFF to disable or enable general query logging for the current connection.

This means that with some injected logic, you could conceivably disable logging for SELECTs.

Another solution is to use triggers on UPDATE, INSERT, DELETE. This will directly affect the database in question but not other databases running in the same instance.

See also SO questions here and here.
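A sketch of the trigger approach mentioned in the answer above, added here as an example and not part of the original answer. The table and column names (accounts, id, balance, accounts_audit) and the trigger names are assumptions; substitute the real critical table and the columns worth keeping.

```sql
-- Constructed sample table standing in for one "critical" table (assumed names).
CREATE TABLE accounts (
  id      INT           NOT NULL PRIMARY KEY,
  balance DECIMAL(12,2) NOT NULL
) ENGINE=InnoDB;

-- Audit table: one row per modified or deleted row in accounts.
CREATE TABLE accounts_audit (
  audit_id    INT UNSIGNED NOT NULL AUTO_INCREMENT PRIMARY KEY,
  changed_at  DATETIME     NOT NULL,
  client_user VARCHAR(100) NOT NULL,  -- USER(): user@host the client connected as
  conn_id     INT UNSIGNED NOT NULL,  -- CONNECTION_ID(): ties rows to one session
  action      ENUM('UPDATE','DELETE') NOT NULL,
  row_id      INT          NOT NULL,
  old_balance DECIMAL(12,2),
  new_balance DECIMAL(12,2)           -- NULL when the row was deleted
) ENGINE=InnoDB;

-- DELIMITER is a mysql command-line client directive, needed because the
-- trigger bodies contain semicolons.
DELIMITER //

CREATE TRIGGER accounts_audit_upd
AFTER UPDATE ON accounts
FOR EACH ROW
BEGIN
  INSERT INTO accounts_audit
    (changed_at, client_user, conn_id, action, row_id, old_balance, new_balance)
  VALUES
    (NOW(), USER(), CONNECTION_ID(), 'UPDATE', OLD.id, OLD.balance, NEW.balance);
END//

CREATE TRIGGER accounts_audit_del
AFTER DELETE ON accounts
FOR EACH ROW
BEGIN
  INSERT INTO accounts_audit
    (changed_at, client_user, conn_id, action, row_id, old_balance, new_balance)
  VALUES
    (NOW(), USER(), CONNECTION_ID(), 'DELETE', OLD.id, OLD.balance, NULL);
END//

DELIMITER ;

-- Review who changed what, most recent first.
SELECT changed_at, client_user, action, row_id, old_balance, new_balance
FROM accounts_audit
ORDER BY audit_id DESC;
```

If the application connects through a single shared MySQL account, USER() records that same account for every change, so per-person attribution needs separate database accounts. TRUNCATE TABLE does not fire DELETE triggers, so it leaves no audit rows.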

Licensed under: CC-BY-SA with attribution
Not affiliated with dba.stackexchange