09. 10. 2014 Thomas Forrer Log Auditing, NetEye, Syslog, Uncategorized

NetEye: New MySQL Audit Plugin for SyslogView

In a standard MySQL setup, user logins and logouts are logged by enabling the “general_log” logfile, which forces the MySQL process to log EVERYTHING. This clearly degrades performance under heavy load. To avoid this performance penalty, we added a new MySQL Audit Plugin to the Syslog View of NetEye.

Figure: Performance impact of each log output
Using the log destination FILE has the least impact on MySQL performance (throughput decrease is roughly 13.5%; response time increase is roughly 17.5%)*

To mitigate the performance degradation described above, we packaged a native MySQL plugin that writes a dedicated logfile containing only logins, logouts and failed login attempts. This allows you to audit access to a MySQL database with a negligible performance impact.

[ If you want more detailed information about the possible performance impact of enabling the general query log, I would suggest Abdel Mawla's or Aleksandr Kuzminsky's article. ]

Thomas Forrer

Team Leader Research & Development at Würth Phoenix
Hi folks! I began loving computers in 1994, when it was still the time of Windows 3.1. I immediately learned to start DOS games from the command prompt, and while typing white text on a black background I felt like some hackish dude in a Hollywood movie. Later, during my studies at the university, I discovered the magic world of open source, and it was love at first sight. Finally I got rid of BSODs =) I love everything that is connected to a network, especially from a security perspective. My motto is: "With motivation, nothing is impossible. It only requires more time."
