June 5, 2019

mysqlauditgrep utility in MySQL

MySQL utility - mysqlauditgrep commands

mysqlauditgrep: audit log search utility

The mysqlauditgrep utility lets MySQL users and DBAs search current or archived audit logs and display the entries from the audit log file that match the search criteria.

Usage: mysqlauditgrep [options] AUDIT_LOG_FILE
mysqlauditgrep --help
mysqlauditgrep --version

mysqlauditgrep --file-stats --format=CSV /mysql_audit/data/audit.log
mysqlauditgrep --users=tester1,tester2 /mysql_audit_grep/audit.log
mysqlauditgrep --start-date=2019-05-27T16:45:00 --end-date=2019-05-28 /mysql_audit/data/audit.log

mysqlauditgrep --pattern="% = ___" /mysql_audit_grep/data/audit.log
mysqlauditgrep --query-type=show,SET /mysql_audit/data/audit.log
mysqlauditgrep --pattern=".* = ..." --regexp /mysql_audit/data/audit.log
mysqlauditgrep --file-stats --format=RAW /mysql_audit/data/audit.log
mysqlauditgrep --event-type="Ping,Connect" /mysql_audit/audit.log

mysqlauditgrep --status=1100-1199,1046 /mysql_audit_grep/data/audit.log
mysqlauditgrep --users=root --start-date=0 --end-date=2019-04-10 --event-type=Query --query-type=SET --status=0 --pattern="%audit_log%" /mysql_audit_grep/data/audit.log

mysqlauditgrep Options:
  --version             show program's version number and exit
  --help                 display this help message and exit
  --license             display program's license and exit
  -f FORMAT, --format=FORMAT   display the output in GRID (default), TAB, CSV, VERTICAL or RAW format
  -u USERS, --users=USERS    find log entries by user name. Accepts a comma-separated list of user names, for example: joe,sally,nick
  --file-stats          display the audit log statistics.

  --start-date=START_DATE   retrieve log entries starting from the specified date/time. If not specified or the value is 0, all entries from the start of the log are displayed. Accepted formats: yyyy-mm-ddThh:mm:ss or yyyy-mm-dd.
  --end-date=END_DATE   retrieve log entries until the specified date/time. If not specified or the value is 0, all entries to the end of the log are displayed. Accepted formats: yyyy-mm-ddThh:mm:ss or yyyy-mm-dd.
  -e PATTERN, --pattern=PATTERN     search pattern to retrieve matching entries.
  --query-type=QUERY_TYPE    search for all SQL statements/commands from the given list of commands. Accepts a comma-separated list of commands. Supported values: CREATE, ALTER, DROP, TRUNCATE, RENAME, GRANT, REVOKE, SELECT, INSERT, UPDATE, DELETE, COMMIT, SHOW, SET, CALL, PREPARE, EXECUTE, DEALLOCATE

  --event-type=EVENT_TYPE    search for all recorded event types from the given list of supported log events. Accepts a comma-separated list of event types. Supported values: Audit, Binlog Dump, Change user, Close stmt, Connect Out, Connect, Create DB, Daemon, Debug, Delayed insert, Drop DB, Execute, Fetch, Field List, Init DB, Kill, Long Data, NoAudit, Ping, Prepare, Processlist, Query, Quit, Refresh, Register Slave, Reset stmt, Set option, Shutdown, Sleep, Statistics, Table Dump, Time

  --status=STATUS       search for all entries with the specified status values. Accepts a comma-separated list of non-negative integers (corresponding to MySQL error codes) or intervals marked with a dash. For example: 1051,1068-1075,1109,1146.
  -G, --basic-regexp, --regexp  use 'REGEXP' operator to match pattern. Default is to use 'LIKE'.
  -v, --verbose         control how much information is displayed, e.g. -v = verbose, -vv = more verbose, -vvv = debug
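
How the --status list and the two --pattern modes select entries, as an added Python example (not code from mysqlauditgrep or from the original post). It assumes standard SQL LIKE and REGEXP operator semantics; the record layout, the sample records and the function names are hypothetical.

```python
import re

def like_to_regex(pattern):
    """Translate a SQL LIKE pattern into a compiled regular expression."""
    out = []
    for ch in pattern:
        if ch == "%":
            out.append(".*")           # % matches any run of characters
        elif ch == "_":
            out.append(".")            # _ matches exactly one character
        else:
            out.append(re.escape(ch))  # everything else is literal
    return re.compile("".join(out), re.DOTALL)

def parse_status(spec):
    """Expand a --status value such as '1100-1199,1046' into (low, high) pairs."""
    ranges = []
    for item in spec.split(","):
        low, _, high = item.strip().partition("-")
        ranges.append((int(low), int(high or low)))
    return ranges

def search(records, status=None, pattern=None, regexp=False):
    """Return the SQL text of records passing the status and pattern filters."""
    ranges = parse_status(status) if status else []
    hits = []
    for rec in records:
        if ranges and not any(lo <= rec["status"] <= hi for lo, hi in ranges):
            continue
        if pattern is not None:
            if regexp:   # REGEXP: a match anywhere in the value is enough
                ok = re.search(pattern, rec["sql"]) is not None
            else:        # LIKE: the pattern must cover the whole value
                ok = like_to_regex(pattern).fullmatch(rec["sql"]) is not None
            if not ok:
                continue
        hits.append(rec["sql"])
    return hits

# Constructed sample records, not taken from a real audit log.
RECORDS = [
    {"user": "tester1", "status": 0,    "sql": "SET @a = 100"},
    {"user": "tester2", "status": 0,    "sql": "SET @b = 1000"},
    {"user": "tester1", "status": 1146, "sql": "SELECT * FROM missing_tbl"},
    {"user": "tester2", "status": 1046, "sql": "SELECT * FROM t1"},
]

if __name__ == "__main__":
    print(search(RECORDS, pattern="% = ___"))
    print(search(RECORDS, pattern=".* = ...", regexp=True))
```

Under these semantics the LIKE form "% = ___" requires exactly three characters after " = " at the end of the value, while the regular expression ".* = ..." also accepts longer values, so the two searches are not interchangeable.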

