90 lines
3.0 KiB
PHP
90 lines
3.0 KiB
PHP
CREATE TABLE alog(rec varchar(4096));
|
|
SET GLOBAL local_infile = ON;
|
|
SET GLOBAL rds_audit_log_flush = ON;
|
|
let $audit_log_file= `select VARIABLE_VALUE from performance_schema.global_status where variable_name = 'rds_audit_log_filename'`;
|
|
|
|
## Test log skip
|
|
set rds_audit_log_skip = on;
|
|
select "You can not see me in audit log";
|
|
set rds_audit_log_skip = off;
|
|
|
|
## Test password is masked
|
|
create user test_pass@'%' identified by 'I_am_a_secret_password';
|
|
drop user test_pass@'%';
|
|
|
|
## Test row limit
|
|
set global rds_audit_log_row_limit = 0;
|
|
select 'Audit log is full';
|
|
set global rds_audit_log_row_limit = 100000;
|
|
|
|
## Test log policy
|
|
SET GLOBAL rds_audit_log_policy = "LOGINS";
|
|
select 'I am query and should not be logged';
|
|
|
|
SET GLOBAL rds_audit_log_policy = "ALL";
|
|
SET GLOBAL rds_audit_log_statement_policy = "UPDATES";
|
|
select 'I am select query and should not be logged';
|
|
--error ER_NO_SUCH_TABLE
|
|
insert into non_exist_table values('I am update query and should be logged');
|
|
SET GLOBAL rds_audit_log_policy = ALL;
|
|
SET GLOBAL rds_audit_log_statement_policy = ALL;
|
|
|
|
## Test event scheduler is not logged
|
|
create table event_test (id int) engine = innodb;
|
|
drop event if exists event1;
|
|
set rds_audit_log_skip = on;
|
|
create event event1 on schedule every 1 second starts now() ends date_add(now(), interval 5 hour) DO insert into event_test values(1);
|
|
set rds_audit_log_skip = off;
|
|
--sleep 2
|
|
drop table event_test;
|
|
drop event event1;
|
|
|
|
set rds_audit_log_skip = on;
|
|
## test proc is not logged
|
|
create table proc_test(id int) engine = innodb;
|
|
DELIMITER //;
|
|
CREATE PROCEDURE proc1()
|
|
BEGIN
|
|
insert into proc_test values(1);
|
|
END
|
|
//
|
|
DELIMITER ;//
|
|
set rds_audit_log_skip = off;
|
|
call proc1();
|
|
drop procedure proc1;
|
|
drop table proc_test;
|
|
|
|
## test SQLCOM_PREPARE
|
|
prepare stmt1 from 'select "I am sql_com prepare stmt"';
|
|
execute stmt1;
|
|
deallocate prepare stmt1;
|
|
|
|
## test COM_STMT_PREPARE
|
|
--exec $MYSQL_CLIENT_TEST -u root test_ps_i18n &>/dev/null
|
|
|
|
# Make sure all audit logs have been flushed to disk
|
|
set global rds_audit_log_enabled = off;
|
|
set global rds_audit_log_enabled = on;
|
|
|
|
--disable_warnings
|
|
--disable_query_log
|
|
eval load data local infile '$audit_Log_file' into table alog FIELDS TERMINATED BY ',';
|
|
--enable_query_log
|
|
--enable_warnings
|
|
|
|
## check result
|
|
select count(*) = 0 from alog where rec like '%You can not see me in audit log%';
|
|
select count(*) = 0 from alog where rec like '%I_am_a_secret_password%';
|
|
select count(*) = 0 from alog where rec like '%Audit log is full%';
|
|
select count(*) = 0 from alog where rec like '%I am query and should not be logged%';
|
|
select count(*) = 0 from alog where rec like '%I am select query and should not be logged%';
|
|
select count(*) != 0 from alog where rec like '%I am update query and should be logged%';
|
|
select count(*) = 0 from alog where rec like '%insert into event_test values%';
|
|
select count(*) = 0 from alog where rec like '%insert into proc_test values%';
|
|
select count(*) != 0 from alog where rec like '%I am sql_com prepare stmt%';
|
|
## send by $MYSQL_CLIENT_TEST
|
|
select count(*) != 0 from alog where rec like '%INSERT INTO t1 (c1%';
|
|
|
|
DROP TABLE alog;
|
|
SET GLOBAL local_infile = OFF;
|