Enable audit in MariaDB/MySQL in AWS RDS

Enable auditing in the MariaDB or MySQL environment in AWS RDS

1. Create an option group, or use an existing one.

2. In this example, create a new option group by clicking Create Group and fill in the details as follows:

3. After creation, open the newly created option group and select the Add option button.

4. Select the MARIADB_AUDIT_PLUGIN option and define its parameters as shown below:

SERVER_AUDIT_FILE_PATH - Location of the log file.
SERVER_AUDIT_FILE_ROTATE_SIZE - The size in bytes that, when reached, causes the file to rotate.
SERVER_AUDIT_FILE_ROTATIONS - The number of log rotations to save.
SERVER_AUDIT_EVENTS - The types of activity to record in the log file.
SERVER_AUDIT_INCL_USERS - Include only the activity of the specified users.
SERVER_AUDIT_EXCL_USERS - Exclude the activity of the specified users.
SERVER_AUDIT_LOGGING - Logging is active.
SERVER_AUDIT_QUERY_LOG_LIMIT - Limit on the length of the query string in the log.

Default values:
SERVER_AUDIT_FILE_PATH = /rdsdbdata/log/audit/
SERVER_AUDIT_FILE_ROTATE_SIZE = 1000000
SERVER_AUDIT_FILE_ROTATIONS = 9
SERVER_AUDIT_EVENTS = CONNECT, QUERY
SERVER_AUDIT_INCL_USERS = None
SERVER_AUDIT_EXCL_USERS = None
SERVER_AUDIT_LOGGING = ON
SERVER_AUDIT_QUERY_LOG_LIMIT = 1024

5. On the same page, after setting the parameters, choose to apply them immediately.

Go to the database and change the option group in the database settings:

1. Select the database that needs to be modified and press the Modify button.

2. Scroll down the page to the option group setting and choose the newly created option group.

3. Apply the changes to the database instance immediately, or whenever you prefer.

Check the log file for auditing purposes

1. Go to the database section, select the database, and go to the Logs & events section:

2. Check the log file created in the Logs section:

3. Select the log file to view or download, as shown below:

4. I selected the view option:
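
Once the audit log has been downloaded in step 3, it can be reviewed programmatically. The following is an added example, not part of the original post: it parses audit lines and reports repeated failed logins and queries that returned an error. It assumes the MariaDB audit plugin's standard comma-separated file layout; the field names, the threshold and the sample lines are constructed for illustration.

```python
import re
from collections import Counter

# Field order of the MariaDB audit plugin's file output (assumption: the
# plugin's standard comma-separated layout, which the page does not show).
FIELDS = ("timestamp", "serverhost", "username", "host", "connectionid",
          "queryid", "operation", "database", "object", "retcode")

# For QUERY events the object field is the quoted SQL text and may contain
# commas, so anchor on the first eight fields and the trailing numeric retcode.
LINE_RE = re.compile(r"^((?:[^,]*,){8})(.*),(\d+)$")

# Constructed sample lines (not real log data).
SAMPLE = [
    "20240105 10:15:02,ip-10-0-0-12,appuser,10.0.1.25,41,0,CONNECT,shop,,0",
    "20240105 10:15:03,ip-10-0-0-12,appuser,10.0.1.25,41,97,QUERY,shop,"
    "'SELECT id, name FROM customers WHERE id = 7',0",
    "20240105 10:16:40,ip-10-0-0-12,admin,203.0.113.7,42,0,FAILED_CONNECT,,,1045",
    "20240105 10:16:41,ip-10-0-0-12,admin,203.0.113.7,43,0,FAILED_CONNECT,,,1045",
    "20240105 10:16:43,ip-10-0-0-12,admin,203.0.113.7,44,0,FAILED_CONNECT,,,1045",
    "20240105 10:20:11,ip-10-0-0-12,report,10.0.1.30,45,102,QUERY,shop,"
    "'DROP TABLE orders',1142",
]

def parse_line(line):
    """Return one audit record as a dict, or None if the line does not match."""
    m = LINE_RE.match(line.rstrip("\r\n"))
    if not m:
        return None
    head = m.group(1).split(",")[:8]
    return dict(zip(FIELDS, head + [m.group(2), int(m.group(3))]))

def summarize(lines, threshold=3):
    """Return ({(user, host): failed logins >= threshold}, [failed QUERY records])."""
    failed, errors = Counter(), []
    for rec in filter(None, map(parse_line, lines)):
        if rec["operation"] == "FAILED_CONNECT":
            failed[(rec["username"], rec["host"])] += 1
        elif rec["operation"] == "QUERY" and rec["retcode"] != 0:
            errors.append(rec)
    return {k: n for k, n in failed.items() if n >= threshold}, errors

if __name__ == "__main__":
    suspects, errors = summarize(SAMPLE)
    for (user, host), n in suspects.items():
        print(f"{n} failed logins for {user} from {host}")
    for rec in errors:
        print(f"{rec['username']}@{rec['host']} error {rec['retcode']}: {rec['object']}")
```

FAILED_CONNECT records appear only when CONNECT is included in SERVER_AUDIT_EVENTS, and query text longer than SERVER_AUDIT_QUERY_LOG_LIMIT is cut off in the log.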