1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
|
--source include/not_embedded.inc
if (!$SERVER_AUDIT_SO) {
skip No SERVER_AUDIT plugin;
}
install plugin server_audit soname 'server_audit';
show variables like 'server_audit%';
set global server_audit_file_path=null;
set global server_audit_incl_users=null;
set global server_audit_file_path='server_audit.log';
set global server_audit_output_type=file;
set global server_audit_logging=on;
--sleep 2
connect (con1,localhost,root,,mysql);
connection default;
disconnect con1;
--sleep 2
--sleep 2
--replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT
--error ER_ACCESS_DENIED_ERROR
connect (con1,localhost,no_such_user,,mysql);
connection default;
--sleep 2
set global server_audit_incl_users='odin, dva, tri';
create table t1 (id int);
set global server_audit_incl_users='odin, root, dva, tri';
create table t2 (id int);
set global server_audit_excl_users='odin, dva, tri';
insert into t1 values (1), (2);
select * from t1;
set global server_audit_incl_users='odin, root, dva, tri';
insert into t2 values (1), (2);
select * from t2;
alter table t1 rename renamed_t1;
set global server_audit_events='connect,query';
select 1,
2,
# comment
3;
insert into t2 values (1), (2);
select * from t2;
--error ER_NO_SUCH_TABLE
select * from t_doesnt_exist;
--error 1064
syntax_error_query;
drop table renamed_t1, t2;
show variables like 'server_audit%';
set global server_audit_mode=1;
set global server_audit_events='';
create database sa_db;
--sleep 2
connect (con1,localhost,root,,test);
connection con1;
--sleep 2
--sleep 2
create table t1 (id2 int);
insert into t1 values (1), (2);
select * from t1;
drop table t1;
use sa_db;
create table sa_t1(id int);
insert into sa_t1 values (1), (2);
drop table sa_t1;
drop database sa_db;
connection default;
disconnect con1;
--sleep 2
--sleep 2
create database sa_db;
use sa_db;
CREATE USER u1 IDENTIFIED BY 'pwd-123';
GRANT ALL ON sa_db TO u2 IDENTIFIED BY "pwd-321";
SET PASSWORD FOR u1 = PASSWORD('pwd 098');
CREATE USER u3 IDENTIFIED BY '';
drop user u1, u2, u3;
set global server_audit_events='query_ddl';
create table t1(id int);
insert into t1 values (1), (2);
select * from t1;
select 2;
(select 2);
/*! select 2*/;
/*comment*/ select 2;
drop table t1;
set global server_audit_events='query_ddl,query_dml';
create table t1(id int);
insert into t1 values (1), (2);
select * from t1;
select 2;
drop table t1;
set global server_audit_events='query_dml';
create table t1(id int);
insert into t1 values (1), (2);
select * from t1;
select 2;
(select 2);
/*! select 2*/;
/*comment*/ select 2;
drop table t1;
set global server_audit_events='query_dcl';
create table t1(id int);
insert into t1 values (1), (2);
select * from t1;
CREATE USER u1 IDENTIFIED BY 'pwd-123';
GRANT ALL ON sa_db TO u2 IDENTIFIED BY "pwd-321";
SET PASSWORD
# comment
FOR u1 = PASSWORD('pwd 098');
--error 1064
SET PASSWORD FOR u1=<secret>;
CREATE USER u3 IDENTIFIED BY '';
drop user u1, u2, u3;
select 2;
(select 2);
/*! select 2*/;
/*comment*/ select 2;
drop table t1;
set global server_audit_events='';
set global server_audit_query_log_limit= 15;
select (1), (2), (3), (4);
select 'A', 'B', 'C', 'D';
set global server_audit_query_log_limit= 1024;
drop database sa_db;
set global server_audit_file_path='.';
--replace_regex /\.[\\\/]/HOME_DIR\//
show status like 'server_audit_current_log';
set global server_audit_file_path='';
show status like 'server_audit_current_log';
set global server_audit_file_path=' ';
show status like 'server_audit_current_log';
set global server_audit_file_path='nonexisting_dir/';
show status like 'server_audit_current_log';
show variables like 'server_audit%';
uninstall plugin server_audit;
let $MYSQLD_DATADIR= `SELECT @@datadir`;
# replace the timestamp and the hostname with constant values
--replace_regex /[0-9]* [0-9][0-9]:[0-9][0-9]:[0-9][0-9]\,[^,]*\,/TIME,HOSTNAME,/ /\,[1-9][0-9]*\,/,1,/ /\,[1-9][0-9]*/,ID/
cat_file $MYSQLD_DATADIR/server_audit.log;
remove_file $MYSQLD_DATADIR/server_audit.log;
|