Skip to content

Audit Log Filter overview

The Audit Log Filter component allows you to monitor, log, and block a connection or query actively executed on the selected server.

Enabling the component produces a log file that contains a record of server activity. The log file has information on connections and databases accessed by that connection.

The component uses the mysql system database to store filter and user account data. Set the audit_log_filter.database variable at server startup to select a different database.

The AUDIT_ADMIN privilege is required to enable users to manage the Audit Log Filter component.

Privileges

Define the privilege at runtime at the startup of the server. The associated Audit Log Filter privilege can be unavailable if the component is not enabled.

AUDIT_ADMIN

This privilege is defined by the server and enables the user to configure the component.

AUDIT_ABORT_EXEMPT

This privilege allows queries from a user account to always be executed. An abort item does not block them. This ability lets the user account regain access to a system if an audit is misconfigured. The query is logged due to the privilege. User accounts with the SYSTEM_USER privilege have the AUDIT_ABORT_EXEMPT privilege.

Audit Log Filter tables

The Audit Log Filter component uses mysql system database tables in the InnoDB storage engine. These tables store user account data and filter data. When you start the server, change the component’s database with the audit_log_filter.database variable.

The audit_log_filter table stores the definitions of the filters and has the following column definitions:

HTML Table Generator
Column name
Description
 NAME  Name of the filter
 FILTER  Definition of the filter linked to the name as a JSON value

The audit_log_user table stores account data and has the following column definitions:

HTML Table Generator
Column name
Description
 USER  The account name of the user
 HOST  The account name of the host
 FILTERNAME  The account filter name

Get expert help

If you need assistance, visit the community forum for comprehensive and free database knowledge, or contact our Percona Database Experts for professional support and services.


Last update: 2024-10-30