环境:mariadb-10.1.13
Audit
https://mariadb.com/kb/en/mariadb-audit- plugin/
比较新的mariadb版本audit插件直接内嵌在版本里,可以直接安装
(jlive)[isfdb]>INSTALL PLUGIN server_audit SONAME 'server_audit.so';
Query OK, 0 rows affected (0.16 sec)
(jlive)[isfdb]>SHOW PLUGINS;
+-------------------------------+----------+--------------------+-----------------+---------+
|
Name
+-------------------------------+----------+--------------------+-----------------+---------+
|
binlog
|
mysql_native_password
|
mysql_old_password
| wsrep
| CSV
|
MEMORY
|
MyISAM
|
MRG_MyISAM
|
CLIENT_STATISTICS
|
INDEX_STATISTICS
|
TABLE_STATISTICS
|
USER_STATISTICS
|
InnoDB
|
XTRADB_READ_VIEW
|
XTRADB_INTERNAL_HASH_TABLES
|
XTRADB_RSEG
|
INNODB_TRX
|
INNODB_LOCKS
|
INNODB_LOCK_WAITS
|
INNODB_CMP
|
INNODB_CMP_RESET
|
INNODB_CMPMEM
|
INNODB_CMPMEM_RESET
|
INNODB_CMP_PER_INDEX
|
INNODB_CMP_PER_INDEX_RESET
|
INNODB_BUFFER_PAGE
|
INNODB_BUFFER_PAGE_LRU
|
INNODB_BUFFER_POOL_STATS
|
INNODB_METRICS
|
INNODB_FT_DEFAULT_STOPWORD
|
INNODB_FT_DELETED
|
INNODB_FT_BEING_DELETED
|
INNODB_FT_CONFIG
|
INNODB_FT_INDEX_CACHE
|
INNODB_FT_INDEX_TABLE
|
INNODB_SYS_TABLES
|
INNODB_SYS_TABLESTATS
|
INNODB_SYS_INDEXES
|
INNODB_SYS_COLUMNS
|
INNODB_SYS_FIELDS
|
INNODB_SYS_FOREIGN
|
INNODB_SYS_FOREIGN_COLS
|
INNODB_SYS_TABLESPACES
|
INNODB_SYS_DATAFILES
|
INNODB_CHANGED_PAGES
|
INNODB_MUTEXES
|
INNODB_SYS_SEMAPHORE_WAITS
|
INNODB_TABLESPACES_ENCRYPTION | ACTIVE
|
INNODB_TABLESPACES_SCRUBBING
|
CHANGED_PAGE_BITMAPS
|
SEQUENCE
|
PERFORMANCE_SCHEMA
|
Aria
|
FEEDBACK
|
partition
|
TokuDB
|
TokuDB_trx
|
TokuDB_lock_waits
|
TokuDB_locks
|
TokuDB_file_map
|
TokuDB_fractal_tree_info
|
TokuDB_fractal_tree_block_map | ACTIVE
| CONNECT
| SERVER_AUDIT
+-------------------------------+----------+--------------------+-----------------+---------+
64 rows in set (0.00 sec)
(jlive)[isfdb]>SHOW GLOBAL VARIABLES LIKE 'plugin_dir';
+---------------+--------------------------+
|
Variable_name | Value
+---------------+--------------------------+
|
plugin_dir
+---------------+--------------------------+
1 row in set (0.15 sec)
[mysqld]
plugin-load=server_audit=server_audit.so
server_audit=FORCE_PLUS_PERMANENT
二.使用Audit
查看
(jlive)[isfdb]>SHOW GLOBAL VARIABLES LIKE 'server_audit%'G
*************************** 1. row ***************************
Variable_name: server_audit_events
*************************** 2. row ***************************
Variable_name: server_audit_excl_users
*************************** 3. row ***************************
Variable_name: server_audit_file_path
*************************** 4. row ***************************
Variable_name: server_audit_file_rotate_now
*************************** 5. row ***************************
Variable_name: server_audit_file_rotate_size
*************************** 6. row ***************************
Variable_name: server_audit_file_rotations
*************************** 7. row ***************************
Variable_name: server_audit_incl_users
*************************** 8. row ***************************
Variable_name: server_audit_loc_info
*************************** 9. row ***************************
Variable_name: server_audit_logging
*************************** 10. row ***************************
Variable_name: server_audit_mode
*************************** 11. row ***************************
Variable_name: server_audit_output_type
*************************** 12. row ***************************
Variable_name: server_audit_query_log_limit
*************************** 13. row ***************************
Variable_name: server_audit_syslog_facility
*************************** 14. row ***************************
Variable_name: server_audit_syslog_ident
*************************** 15. row ***************************
Variable_name: server_audit_syslog_info
*************************** 16. row ***************************
Variable_name: server_audit_syslog_priority
16 rows in set (0.00 sec)
启用audit
(jlive)[isfdb]>SET GLOBAL server_audit_logging=ON;
Query OK, 0 rows affected (0.15 sec)
(jlive)[isfdb]>SET GLOBAL server_audit_file_rotate_now=ON;
Query OK, 0 rows affected (0.00 sec)
(jlive)[isfdb]>SHOW GLOBAL STATUS LIKE 'server_audit%';
+----------------------------+------------------+
|
Variable_name
+----------------------------+------------------+
|
Server_audit_active
|
Server_audit_current_log
|
Server_audit_last_error
|
Server_audit_writes_failed | 0
+----------------------------+------------------+
4 rows in set (0.00 sec)
配置需要(或不需要)track的用户
SET GLOBAL server_audit_incl_users = 'untrusted_user';
SET GLOBAL server_audit_incl_users = CONCAT(@@global.server_audit_incl_users,',untrusted_user2');
SHOW GLOBAL VARIABLES LIKE 'server_audit_incl_users';
SET GLOBAL server_audit_excl_users = 'trusted_user';
SET GLOBAL server_audit_excl_users = CONCAT(@@global.server_audit_excl_users, ',trusted_user2');
SHOW GLOBAL VARIABLES LIKE 'server_audit_excl_users';
说明:默认情况下,audit会track所有用户,可以通过server_audit_incl_users来指定要track的用户,也可以通过server_audit_excl_users来排除不需要track的用户,作限制和排除时会忽略主机名,如下用户都会include到track用户下,同时incl的优先级高于excl,也就是说,如果一个用户既在incl又在excl,则这个用户会被track
untrusted_user@'localhost'
untrusted_user@'192.168.1.%'
untrusted_user@'%'
(jlive)[isfdb]>SHOW GLOBAL VARIABLES LIKE 'server_audit_incl_users';
+-------------------------+--------------------------------+
|
Variable_name
+-------------------------+--------------------------------+
| server_audit_incl_users | untrusted_user,untrusted_user2 |
+-------------------------+--------------------------------+
1 row in set (0.00 sec)
(jlive)[isfdb]>SHOW GLOBAL VARIABLES LIKE 'server_audit_excl_users';
+-------------------------+----------------------------+
|
Variable_name
+-------------------------+----------------------------+
| server_audit_excl_users | trusted_user,trusted_user2 |
+-------------------------+----------------------------+
1 row in set (0.00 sec)
Statistics
https://mariadb.com/kb/en/engine-independent-table-statistics/
不管使用哪种存储引擎,mariadb都能够对所有的表进行统计
启用表统计
SET
GLOBAL use_stat_tables=complementary;
ANALYZE
TABLE table_name;
ANALYZE
TABLE table_name PERSISTENT FOR COLUMNS (column_1,column_2,...)
INDEXES (index_1,index_2,...);
查看统计信息
SELECT
* FROM mysql.table_stats;
SELECT
* FROM mysql.index_stats;
SELECT
* FROM mysql.column_stats;
Extended Statistics
启用
SET
GLOBAL userstat=1;
[mysqld]
userstat =
1
查看统计
SHOW CLIENT_STATISTICS;
SHOW INDEX_STATISTICS;
SHOW TABLE_STATISTICS;
SHOW USER_STATISTICS;
统计置零
FLUSH CLIENT_STATISTICS;
FLUSH INDEX_STATISTICS;
FLUSH TABLE_STATISTICS;
FLUSH USER_STATISTICS;
performance
https://mariadb.com/kb/en/performance-schema/
说明:performance_schema不能动态生效,任何对performance_schema的修改都需要写入配置文件后才能生效
启用performance_schema
在配置文件中添加如下行重启
[mysqld]
performance_schema
查看用户连接次数
(jlive)[isfdb]>SELECT * FROM performance_schema.users;
+--------+---------------------+-------------------+
| USER
+--------+---------------------+-------------------+
| zabbix
|
|
jlive
| NULL
+--------+---------------------+-------------------+
3 rows in set (0.01 sec)
提示:禁用用户连接数统计,添加如下行后重启,默认值为-1,统计所有
[mysqld]
performance_schema_users_size=0
查看激活连接的线程
(jlive)[isfdb]>SELECT * FROM performance_schema.threads WHERE type="foreground"G
*************************** 1. row ***************************
PROCESSLIST_COMMAND: Sleep
*************************** 2. row ***************************
PROCESSLIST_COMMAND: Query