Re: Tracking privileges in MySQL 5.6

From: Lyle H. Gray <lylefitzw_at_no.spam.gmail.com.invalid>
Date: Wed, 02 May 2018 06:47:29 -0500
Message-ID: <XnsA8D64F409379graynoibisspamcsumas_at_216.166.97.131>

"J.O. Aho" <user_at_example.net> wrote in news:fksv4jFl959U1_at_mid.individual.net:

> On 05/01/18 23:38, Lyle H. Gray wrote:

>> Does anyone have a method of retrieving a log of who has changed
>> privileges for a given login to a MySQL 5.6 database server?  I know
>> how to determine what privileges a login has (SHOW GRANTS FOR
>> <loginname>;), but I'm looking for who might have changed those
>> GRANTs for a particular user.

>
> You would need the audit plugin, which means you need the enterprise
> version of MySQL.
> https://dev.mysql.com/doc/refman/5.6/en/audit-log.html
>
> A poor man's solution would be looking at all the .mysql_history files
> on the system to see who has done what, but those a user can edit.

Thank you, I will check this out.

We've already been discussing getting the enterprise version for 5.7 because it supports TLS 1.2 (community edition for 5.7 only supports up to TLS 1.1). Received on Wed May 02 2018 - 13:47:29 CEST

This message: [ Message body ]
Next message: Axel Schwenke: "Re: Tracking privileges in MySQL 5.6"
Maybe in reply to: Lyle H. Gray: "Tracking privileges in MySQL 5.6"
In reply to J.O. Aho: "Re: Tracking privileges in MySQL 5.6"
Next in thread: Axel Schwenke: "Re: Tracking privileges in MySQL 5.6"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

Original text of this message