search

matrixorigin / matrixone

Hyperconverged cloud-edge native database
https://docs.matrixorigin.cn/en
Apache License 2.0
1.77k stars 274 forks source link

[Feature Request]: Create Audit based on log #10358

Open domingozhang opened 1 year ago

domingozhang commented 1 year ago

Is there an existing issue for the same feature request?

Is your feature request related to a problem?

No response

Describe the feature you'd like

Provide a feature to audit database log on SQL level. Details can be found in internal docs

Describe implementation you've considered

No response

Documentation, Adoption, Use Case, Migration Strategy

No response

Additional information

No response

dengn commented 1 year ago

What's the different between this feature and the current trace log?

domingozhang commented 1 year ago 
CREATE AUDIT audit_name
 {statement_shortcut | ALL}
[BY user_lists] [WHENEVER [NOT] SUCCESSFUL]

DROP [IF EXISTS] AUDIT audit_name

ALTER AUDIT audit_name
 {statement_shortcut | ALL}
[BY user_lists] [WHENEVER [NOT] SUCCESSFUL]

●创建在当前时间点以后的所有操作信息 ●“by user_list”表示只审计指定用户的SQL语句,不审计其他用户。没有指出用户名时,则审计全体用户。 ●statement_type; 表示用户执行包含关键字的语句都被审计,不区分大小写。 ●create audit a1 'table' by scott; 表示scott用户在执行Create Table、Drop Table、Truncate Table等操作时将被审计。 ●“whenever successful”表示只审计成功语句。“whenever not successful”表示只审计不成功语句。不使用该子句则全部审计。 ●仅仅moadmin或accountadmin才有权限

create audit audit_name on object_name [by user_list] [Whenever [NOT] Successful];

Drop Audit[If exists] audit_name;

alter audit audit_name on object_name [by user_list] [Whenever [NOT] Successful];

●创建在当前时间点以后的所有操作信息 ●“by user_list”表示只审计指定用户的SQL语句,不审计其他用户。没有指出用户名时,则审计全体用户。 ●object_name是隶属于租户下的某个实体对象,可以是database、table、index、sequece、view中的一种。 ●“whenever successful”表示只审计成功语句。“whenever not successful”表示只审计不成功语句。不使用该子句则全部审计。 ●仅仅moadmin或accountadmin才有权限

SHOW AUDITS [ like or where expr ] audit_name audit_type created_time
audit1 object 2023-07-01 00:00:00
audit1 statement 2023-07-01 00:00:00
dengn commented 1 year ago 
CREATE AUDIT audit_name
 {statement_shortcut | ALL}
[BY user_lists] [WHENEVER [NOT] SUCCESSFUL]

DROP [IF EXISTS] AUDIT audit_name

ALTER AUDIT audit_name
 {statement_shortcut | ALL}
[BY user_lists] [WHENEVER [NOT] SUCCESSFUL]

●创建在当前时间点以后的所有操作信息 ●“by user_list”表示只审计指定用户的SQL语句,不审计其他用户。没有指出用户名时,则审计全体用户。 ●statement_type; 表示用户执行包含关键字的语句都被审计,不区分大小写。 ●create audit a1 'table' by scott; 表示scott用户在执行Create Table、Drop Table、Truncate Table等操作时将被审计。 ●“whenever successful”表示只审计成功语句。“whenever not successful”表示只审计不成功语句。不使用该子句则全部审计。 ●仅仅moadmin或accountadmin才有权限

create audit audit_name on object_name [by user_list] [Whenever [NOT] Successful];

Drop Audit[If exists] audit_name;

alter audit audit_name on object_name [by user_list] [Whenever [NOT] Successful];

●创建在当前时间点以后的所有操作信息 ●“by user_list”表示只审计指定用户的SQL语句,不审计其他用户。没有指出用户名时,则审计全体用户。 ●object_name是隶属于租户下的某个实体对象,可以是database、table、index、sequece、view中的一种。 ●“whenever successful”表示只审计成功语句。“whenever not successful”表示只审计不成功语句。不使用该子句则全部审计。 ●仅仅moadmin或accountadmin才有权限

SHOW AUDITS [ like or where expr ]

audit_name audit_type created_time audit1 object 2023-07-01 00:00:00 audit1 statement 2023-07-01 00:00:00

oracle syntax-alike. MySQL doesn't have this feature.