Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

Add audit logging for more MySQL commands #11914

Merged
merged 7 commits into from
Apr 14, 2022
Merged

Add audit logging for more MySQL commands #11914

merged 7 commits into from
Apr 14, 2022

Conversation

greedy52
Copy link
Contributor

@greedy52 greedy52 commented Apr 13, 2022
edited
Loading

Added parsing and audit logs for the follow commands:

  • COM_INIT_DB: switch database
  • COM_CREATE_DB: create database
  • COM_DROP_DB: drop database
  • COM_REFRESH: sends "FLUSH" or "RESET" commands
  • COM_SHUTDOWN: shuts down mysql server
  • COM_PROCESS_KILL: ask the server to terminate a connection
  • COM_DEBUG: forces the server to print debug info to stdout (on server side)

Testing:

  • Tested COM_INIT_DB by USE users from tsh db connect (users is a schema/database)

Screen Shot 2022-04-13 at 3 42 08 PM

  • Tested COM_PROCESS_KILL with mariadb python client

Screen Shot 2022-04-13 at 3 42 34 PM

Other commands are mostly deprecated so very hard to find a client to compose them.

@greedy52 greedy52 self-assigned this Apr 13, 2022
@greedy52 greedy52 requested review from smallinsky and r0mant April 13, 2022 17:47
@greedy52 greedy52 marked this pull request as ready for review April 13, 2022 17:47
@greedy52 greedy52 requested a review from Tener April 13, 2022 17:48
@greedy52 greedy52 added backport-required database-access Database access related issues and PRs labels Apr 13, 2022
@github-actions github-actions bot added the audit-log Issues related to Teleports Audit Log label Apr 13, 2022
@github-actions github-actions bot requested review from ravicious and zmb3 April 13, 2022 17:48
@greedy52 greedy52 removed request for ravicious and zmb3 April 13, 2022 17:53
r0mant
r0mant approved these changes Apr 13, 2022
View reviewed changes
Copy link
Collaborator

@r0mant r0mant left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@greedy52 Nice job! Don't forget to update webassets accordingly to support these new event types pls.

@greedy52 greedy52 force-pushed the STeve/add_audit_for_more_mysql_commands branch from 6e364cb to 47c0cba Compare April 13, 2022 19:33
@greedy52 greedy52 mentioned this pull request Apr 13, 2022
Merged
smallinsky
smallinsky approved these changes Apr 14, 2022
View reviewed changes
@greedy52 greedy52 enabled auto-merge (squash) April 14, 2022 13:26
@greedy52 greedy52 merged commit c35c425 into master Apr 14, 2022
@greedy52 greedy52 deleted the STeve/add_audit_for_more_mysql_commands branch April 14, 2022 13:51
greedy52 added a commit that referenced this pull request Apr 14, 2022
@greedy52
Add audit logging for more MySQL commands (#11914)
2e09b58
This was referenced Apr 14, 2022
Merged
Merged
greedy52 added a commit that referenced this pull request Apr 14, 2022
@greedy52
[v9] Add audit logging for more MySQL commands (#11914) (#11949)
678b7a1 
* Move MySQL packet parsing to individual functions (#10430)

* Add audit logging for more MySQL commands (#11914)
@webvictim webvictim mentioned this pull request Apr 19, 2022
Closed
@webvictim webvictim mentioned this pull request Jun 8, 2022
Closed
# for free to join this conversation on GitHub. Already have an account? # to comment
Reviewers

@r0mant r0mant r0mant approved these changes

@smallinsky smallinsky smallinsky approved these changes

@Tener Tener Awaiting requested review from Tener

Assignees

@greedy52 greedy52

Labels
audit-log Issues related to Teleports Audit Log backport-required database-access Database access related issues and PRs
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@greedy52 @r0mant @smallinsky