Bug #71838 | mysqlauditgrep does not support new audit log format | ||
---|---|---|---|
Submitted: | 26 Feb 2014 9:22 | Modified: | 21 May 2014 3:26 |
Reporter: | Daniël van Eeden (OCA) | Email Updates: | |
Status: | Closed | Impact on me: | |
Category: | MySQL Utilities | Severity: | S2 (Serious) |
Version: | 1.3.6 | OS: | Any |
Assigned to: | CPU Architecture: | Any | |
Tags: | auditlog |
[26 Feb 2014 9:22]
Daniël van Eeden
[26 Feb 2014 10:40]
Daniël van Eeden
Test log file: ================================== <?xml version="1.0" encoding="UTF-8"?> <AUDIT> <AUDIT_RECORD> <TIMESTAMP>2014-02-26T09:27:28 UTC</TIMESTAMP> <RECORD_ID>1_2014-02-26T09:27:27</RECORD_ID> <NAME>Connect</NAME> <CONNECTION_ID>4</CONNECTION_ID> <STATUS>0</STATUS> <STATUS_CODE>0</STATUS_CODE> <USER>root</USER> <OS_LOGIN/> <HOST>localhost</HOST> <IP/> <COMMAND_CLASS>connect</COMMAND_CLASS> <PRIV_USER>root</PRIV_USER> <PROXY_USER/> <DB>mysql</DB> </AUDIT_RECORD> </AUDIT> ==================================
[26 Feb 2014 17:57]
MySQL Verification Team
Hello Daniel, Thank you for the bug report. Verified as described. Thanks, Umesh
[26 Feb 2014 20:08]
Daniël van Eeden
The unit tests only seem to run against test data in the old format: ./mysql-test/std_data/audit.log.13488316109086370 ./mysql-test/std_data/audit.log.invalid
[27 Feb 2014 6:56]
Daniël van Eeden
Add auditlog tag
[12 May 2014 14:42]
Chuck Bell
Fixed in release-1.4.3
[21 May 2014 3:26]
Philip Olson
Fixed as of the upcoming MySQL Utilities 1.4.3 release, and here's the changelog entry: The "mysqlauditgrep" utility did not support changes made to the audit log format in the "NEW" format. Both "NEW" and "OLD" formats are now supported. The "audit_log_format" option defaults to "OLD" in MySQL server 5.6, and "NEW" in MySQL server 5.7. Thank you for the bug report.