Including some extra data in Audit record
Description
Environment
Activity
Oleksandr Kachan June 3, 2024 at 11:36 AM
Hi ! I think, yes. It is possible to log Query Attributes with the new Audit Log plugin (and that user name can be passed as query attribute) and at the same time we are not going to add new feature to the old one. But as there was no further reply from anyone after my comment, I’m not 100% sure Query Attributes is what actually customer was asking for and if this solution works for him.
Oleksandr Kachan May 16, 2023 at 4:59 PM
Hello,
Looks like Query Attributes could help here. We are now working on the new Audit plugin. It is able to print query attributes assigned to a query. For example after executing a query like
there will be a JSON formatted record in audit log similar to the following one
Jovan Perovic January 20, 2023 at 1:11 PM
Thanks, @aaditya.dubey
Looking forward to any feedback
Aaditya Dubey January 12, 2023 at 7:32 AM
Hi [~accountid:557058:a2ce006d-5b89-4a59-b6a7-6baf653daf10],
Thank you for the report.Sending the concern to engineering for further review and updates.
Details
Details
Assignee
Reporter
Jovan PerovicNeeds QA
Priority
MediumSmart Checklist
Open Smart Checklist
Smart Checklist
Hi folks,
As per the discussion on the Percona forums (https://forums.percona.com/t/including-some-extra-data-in-audit-record/18401),),] I am opening the ticket in order to see if something like this is feasible or even valid. I am always open to workarounds and suggestions
My use case:
My web application uses a single DB user called web.
When the application user performs some CRUD action, I execute the `SET APP_USER = 'user@domain.com'` query. This user is obtained from logged-in credentals.
I want to be able to audit all CRUD operations the user can do, but instead of logging the database user, I need the application user.
So, can the audit log contain certain connection variables? Are there any pros/cons that I should be aware of?
I would appreciate any suggestions!
Cheers!