Audit Logging
Enable audit logging on the cluster using policy-based monitoring and logging of connection and query activity for security and compliance purposes. It enables database administrators to track and monitor database operations, such as logins, queries, data modifications, and schema changes. This plugin records these activities in a structured format, making it easier to analyze and audit database usage. This feature will enable audit logging on all nodes in the cluster.
Notes
Available in MariaDB Replication, MariaDB (Galera Cluster), PostgreSQL and TimescaleDB.
MariaDB
For MariaDB audit logging, the following fields are presented:
| Field | Description |
|---|---|
| Log Path | The filename to store the audit log in the log directory /var/log/mysql/. Alternatively, it can contain a path relative to the data directory or an absolute path. The default is server_audit.log. |
| Rotation Size in MB | Log file size in MB before log rotation happens. Changing this default value will require a cluster restart. |
| Rotation | Number of log files to keep after rotation. |
| Events | Specify MariaDB audit events that you would like to capture. ClusterControl preloads the audit events as you type. Multiple values are allowed. |
| Exclude Users | Exclude the specified MariaDB user(s) from the auditing. ClusterControl preloads all database users in a dropdown. Multiple values are allowed. |
To enable audit logging for MariaDB-based clusters:
-
Go to the MariaDB cluster, Click on Actions Menu → Audit Logging.
-
Just enable the toggle ON in the Audit Logging option.
-
There will be a dialogue box to fill related to the Log Path, Rotation, Events type, and Exclude the Users.
PostgreSQL
For PostgreSQL/TimescaleDB audit logging, the following fields are presented:
| Field | Description |
|---|---|
| Events | Specify PostgreSQL audit events that you would like to capture. ClusterControl preloads the audit events as you type. Multiple values are allowed. |
To enable audit logging in PostgreSQL-based environment:
-
Go to the MariaDB cluster, Click on Actions Menu → Audit Logging.
-
Just enable the toggle ON in the Audit Logging option.
-
There will be a dialogue box to fill the Events (eg.
ROLE,DDL,READ,WRITE,ALL).
After enabled the audit log in the database, the output of the audit activity will be stored in the audit log file.
Attention
This feature will be enabled on all nodes of this cluster, cluster will be restarted to install the new plugin service.