Set Audit Log to rotate by default, clarify unit of measure for audit_log_rotate_on_size
General
Escalation
General
Escalation
Description
Environment
None
AFFECTED CS IDs
276965
Smart Checklist
Activity
Show:
Oleksandr Kachan June 12, 2023 at 11:16 AM
This was done for the new audit plugin.
Defaults for both audit_log_filter_rotate_on_size and audit_log_filter_max_size are set to 1G so there will be only active audit log file in the data directory. All rotated logs will be pruned.
Done
Details
Details
Assignee
Oleksandr Kachan
Oleksandr KachanReporter
Michael Coburn
Michael CoburnTime tracking
3h logged
Fix versions
Affects versions
Priority
MediumSmart Checklist
Open Smart Checklist
Smart Checklist
Open Smart Checklist
Created September 21, 2020 at 2:19 PM
Updated March 6, 2024 at 10:54 AM
Resolved June 12, 2023 at 11:16 AM
We should change the default for Audit Log to rotate by default. Currently it is set to not rotate. Most linux distributions rotate all logs by default, and we do the same with PMM MySQL Slow Logs. Failure to rotate means we can cause a denial of service for MySQL since audit log is stored in datadir by default, and could grow unbounded.
Documentation also should be updated to clarify how we set audit_log_rotate_on_size, for example is this bytes? Can we safely say 1G? We don't show any examples.
Request
Rotate logs at 1GB and keep 1 file.
https://www.percona.com/doc/percona-server/LATEST/management/audit_log_plugin.html#audit_log_rotate_on_size
https://www.percona.com/doc/percona-server/LATEST/management/audit_log_plugin.html#audit_log_rotations