Percona Audit Log | Plugin !link!

The is a server plugin for Percona Server for MySQL (and compatible with MySQL & MariaDB) that tracks and logs database activity. It records who did what, when, and where—without requiring general_log , which is resource-heavy and less secure.

Logs can be stored in JSON , CSV , or XML (Old and New styles).

| Strategy | Performance Impact | Guarantee | |----------|------------------|------------| | ASYNCHRONOUS | Very low | Best effort | | PERFORMANCE | Low | Might lose few records on crash | | SEMISYNCHRONOUS | Medium | Better durability | | SYNCHRONOUS | High (flushes on every query) | Every query logged | percona audit log plugin

🔁 Filters are additive – if you specify both include_commands and exclude_accounts , both are applied.

The Percona Audit Log Plugin is a free, open-source alternative to the MySQL Enterprise Audit Log Plugin, providing native support for monitoring and logging database activities. It allows organizations to track user actions, connection attempts, and query executions to maintain robust security and compliance. Core Features and Capabilities The is a server plugin for Percona Server

# Find all DELETE operations grep '"command":"DELETE"' /var/log/mysql/audit.log

Add settings to your my.cnf to ensure they persist after restarts: | Strategy | Performance Impact | Guarantee |

-- Exclude 'monitor' and 'backup' users SET GLOBAL audit_log_exclude_accounts = 'monitor@%,backup@%';

UNINSTALL PLUGIN audit_log;

[mysqld] audit_log_policy = ALL audit_log_format = JSON audit_log_file = /var/log/mysql/audit.json audit_log_rotate_on_size = 100M audit_log_rotations = 10 ``` Use code with caution. Strategic Logging Policies