Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add audit logging for more MySQL commands #11914

Merged
merged 7 commits into from
Apr 14, 2022
Merged

Add audit logging for more MySQL commands #11914

merged 7 commits into from
Apr 14, 2022

Conversation

greedy52
Copy link
Contributor

@greedy52 greedy52 commented Apr 13, 2022
edited
Loading

Added parsing and audit logs for the follow commands:

  • COM_INIT_DB: switch database
  • COM_CREATE_DB: create database
  • COM_DROP_DB: drop database
  • COM_REFRESH: sends "FLUSH" or "RESET" commands
  • COM_SHUTDOWN: shuts down mysql server
  • COM_PROCESS_KILL: ask the server to terminate a connection
  • COM_DEBUG: forces the server to print debug info to stdout (on server side)

Testing:

  • Tested COM_INIT_DB by USE users from tsh db connect (users is a schema/database)

Screen Shot 2022-04-13 at 3 42 08 PM

  • Tested COM_PROCESS_KILL with mariadb python client

Screen Shot 2022-04-13 at 3 42 34 PM

Other commands are mostly deprecated so very hard to find a client to compose them.

@greedy52 greedy52 self-assigned this Apr 13, 2022
@greedy52 greedy52 requested review from smallinsky and r0mant April 13, 2022 17:47
@greedy52 greedy52 marked this pull request as ready for review April 13, 2022 17:47
@greedy52 greedy52 requested a review from Tener April 13, 2022 17:48
@greedy52 greedy52 added backport-required database-access Database access related issues and PRs labels Apr 13, 2022
@github-actions github-actions bot added the audit-log Issues related to Teleports Audit Log label Apr 13, 2022
@github-actions github-actions bot requested review from ravicious and zmb3 April 13, 2022 17:48
@greedy52 greedy52 removed request for ravicious and zmb3 April 13, 2022 17:53
r0mant
r0mant approved these changes Apr 13, 2022
View reviewed changes
Copy link
Collaborator

@r0mant r0mant left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@greedy52 Nice job! Don't forget to update webassets accordingly to support these new event types pls.

@greedy52 greedy52 force-pushed the STeve/add_audit_for_more_mysql_commands branch from 6e364cb to 47c0cba Compare April 13, 2022 19:33
@greedy52 greedy52 mentioned this pull request Apr 13, 2022
Merged
smallinsky
smallinsky approved these changes Apr 14, 2022
View reviewed changes
lib/srv/db/mysql/protocol/command.go Outdated Show resolved Hide resolved
@greedy52 greedy52 enabled auto-merge (squash) April 14, 2022 13:26
@greedy52 greedy52 merged commit c35c425 into master Apr 14, 2022
@greedy52 greedy52 deleted the STeve/add_audit_for_more_mysql_commands branch April 14, 2022 13:51
greedy52 added a commit that referenced this pull request Apr 14, 2022
@greedy52
Add audit logging for more MySQL commands (#11914)
2e09b58
This was referenced Apr 14, 2022
Merged
Merged
greedy52 added a commit that referenced this pull request Apr 14, 2022
@greedy52
[v9] Add audit logging for more MySQL commands (#11914) (#11949)
678b7a1 
* Move MySQL packet parsing to individual functions (#10430)

* Add audit logging for more MySQL commands (#11914)
@webvictim webvictim mentioned this pull request Apr 19, 2022
Closed
@webvictim webvictim mentioned this pull request Jun 8, 2022
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@smallinsky smallinsky smallinsky approved these changes

@r0mant r0mant r0mant approved these changes

@Tener Tener Awaiting requested review from Tener

Assignees

@greedy52 greedy52

Labels
audit-log Issues related to Teleports Audit Log backport-required database-access Database access related issues and PRs
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@greedy52 @r0mant @smallinsky