{"id":7929,"date":"2025-07-03T18:00:46","date_gmt":"2025-07-03T17:00:46","guid":{"rendered":"https:\/\/dasini.net\/blog\/?p=7929"},"modified":"2025-07-03T18:00:49","modified_gmt":"2025-07-03T17:00:49","slug":"heatwave-mysql-database-audit","status":"publish","type":"post","link":"https:\/\/dasini.net\/blog\/2025\/07\/03\/heatwave-mysql-database-audit\/","title":{"rendered":"HeatWave MySQL Database Audit"},"content":{"rendered":"\n<p>A few years ago (in 2018), I wrote a <strong><a href=\"https:\/\/dev.mysql.com\/doc\/mysql-secure-deployment-guide\/8.0\/en\/\" target=\"_blank\" rel=\"noopener\" title=\"MySQL 8.0 Secure Deployment Guide\">MySQL Security<\/a><\/strong> series and one of the episode was about the <strong><a href=\"https:\/\/dev.mysql.com\/doc\/refman\/9.3\/en\/audit-log.html\" target=\"_blank\" rel=\"noopener\" title=\"MySQL Enterprise Audit\">MySQL Enterprise Audit<\/a><\/strong> feature \u2014  <a href=\"https:\/\/dasini.net\/blog\/2018\/04\/04\/mysql-security-mysql-enterprise-audit\/\" target=\"_blank\" rel=\"noopener\" title=\"MySQL Security \u2013 MySQL Enterprise Audit\"><strong>MySQL Security \u2013 MySQL Enterprise Audit<\/strong><\/a> \u2014 a powerful auditing capability that enables you to track and monitor database activity to ensure data integrity, strengthen security, and maintain compliance with regulatory requirements. This robust feature has also been available in <strong><a href=\"https:\/\/blogs.oracle.com\/mysql\/post\/introducing-mysql-heatwave-database-audit\" target=\"_blank\" rel=\"noopener\" title=\"MySQL HeatWave Database Audit for Data Governance, Compliance, and Security\">HeatWave MySQL<\/a><\/strong> for the past few years (since 2023), bringing the same enterprise-grade auditing capabilities to the cloud.<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large\"><img data-recalc-dims=\"1\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/dasini.net\/blog\/wp-content\/uploads\/MySQL_DB_Lock2.png\" alt=\"\"\/><\/figure>\n<\/div>\n\n\n<div style=\"height:20px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<p>HeatWave MySQL Database Audit is builds upon the established technology of <a href=\"https:\/\/www.mysql.com\/products\/enterprise\/audit.html\" target=\"_blank\" rel=\"noopener\" title=\"MySQL Enterprise Audit\">MySQL Enterprise Audit<\/a>, offering a comprehensive solution for tracking and analyzing database activities.<\/p>\n\n\n\n<div style=\"height:25px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>Key Benefits of HeatWave <strong>MySQL<\/strong><\/strong> <strong>Database Audit<\/strong><\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Rigorous Compliance &amp; Forensics:<\/strong> Helps organizations meet stringent industry regulations (like FedRAMP, DISA STIG, PCI-DSS, HIPAA, SOX, GDPR, FERPA, and Center for Internet Security Benchmarks) by creating a detailed record of database events, essential for investigations and demonstrating adherence to policies.<\/li>\n\n\n\n<li><strong>Security Operations (SecOps):<\/strong> Enables real-time monitoring of user behaviors to detect and respond to potential security threats proactively.<\/li>\n\n\n\n<li><strong>Holistic Server Activity Tracking:<\/strong> Provides comprehensive auditing, from basic client connections and disconnections to more granular activities like interactions with specific schemas and tables, security changes, and errors.<\/li>\n\n\n\n<li><strong>Insights into Query and Statement Performance:<\/strong> Tracks query execution statistics, allowing for the identification of slow queries and performance bottlenecks, leading to database optimization.<\/li>\n\n\n\n<li><strong>Utilization &amp; Optimization:<\/strong> Offers data-driven insights to pinpoint and streamline database operations and resource utilization.<\/li>\n\n\n\n<li><strong>\u00ab\u00a0Trust but Verify\u00a0\u00bb Security Principle:<\/strong> Allows for the monitoring of high-privilege users to prevent misuse of access.<\/li>\n\n\n\n<li><strong>Business Audit:<\/strong> Creates detailed records to prove data validity, accuracy, and integrity, demonstrating that no tampering has occurred.<\/li>\n\n\n\n<li><strong>Security Analysis:<\/strong> Serves as a vital component in a defense-in-depth strategy, facilitating both proactive (machine learning-based anomaly detection) and reactive (post-mortem analysis of attacks) security measures.<\/li>\n<\/ul>\n\n\n\n<div style=\"height:25px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<p style=\"text-decoration:underline\"><strong><em>Feature Highlights<\/em>:<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Ready to Use:<\/strong> No installation steps are required, simplifying the process of securing and monitoring database activities.<\/li>\n\n\n\n<li><strong>Customizable Auditing:<\/strong> Allows Database Administrators to define filters to monitor specific operations, users, or broad activity categories, reducing audit noise and optimizing log size.<\/li>\n\n\n\n<li><strong>Real-time &amp; Minimal Overhead:<\/strong> Provides instantaneous access to database activity with minimal impact on performance, supporting diverse use cases.<\/li>\n\n\n\n<li><strong>Automatic Log Rotation &amp; Management:<\/strong> Includes built-in log rotation and automatic purging, ensuring optimal DB system performance without manual intervention. Audit logs are structured in JSON format, encrypted, and compressed for efficiency and security.<\/li>\n\n\n\n<li><strong>Multi-Instance Support:<\/strong> Works seamlessly with standalone, multi-instance, and High-Availability (HA) configurations, replicating audit filters and configurations to ensure no event is lost.<\/li>\n\n\n\n<li><strong>Access via SQL Interface:<\/strong> Enables querying of logs directly from the SQL interface using any MySQL client. Logs can also be channeled to OCI Logging Analytics, third-party monitoring tools, or SIEM systems for broader analysis.<\/li>\n\n\n\n<li><strong>Effortless Migration of Rules:<\/strong> Existing MySQL Enterprise Auditing rules (on-premise or other systems) can be easily migrated to HeatWave MySQL instances in the cloud, ensuring consistency.<\/li>\n\n\n\n<li><strong>Optional Query Execution Metrics:<\/strong> Can include details about query execution, such as slow queries, for performance analysis.<\/li>\n\n\n\n<li><strong>Option to Remove Sensitive Data:<\/strong> Allows for the omission of sensitive data from statements before logging.<\/li>\n<\/ul>\n\n\n\n<div style=\"height:50px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<h2 class=\"wp-block-heading\">Server Activity Tracking<\/h2>\n\n\n\n<p>The goal here is to <strong>track all DML <strong>(Data Manipulation Language) <\/strong>statements<\/strong> executed on a HeatWave MySQL instance,  by an user account (assuming this user account it used by an application that requires audited). You can easily achieve this by creating a dedicated <strong>HeatWave MySQL Audit Log Filter<\/strong> that specifically logs:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>INSERT<\/li>\n\n\n\n<li>UPDATE<\/li>\n\n\n\n<li>DELETE<\/li>\n\n\n\n<li>TRUNCATE TABLE<\/li>\n\n\n\n<li>REPLACE<\/li>\n\n\n\n<li>LOAD DATA<\/li>\n\n\n\n<li>LOAD XML<\/li>\n<\/ul>\n\n\n\n<p>We&rsquo;ll assign this filter to the dedicated user called <code><em>auditee@%<\/em><\/code>.<\/p>\n\n\n\n<div style=\"height:20px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<p><strong>Workflow overview<\/strong>:<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li>Verify that the HeatWave MySQL Database Audit is enabled<\/li>\n\n\n\n<li>Create the DML specific audit filter<\/li>\n\n\n\n<li>Register the filter<\/li>\n\n\n\n<li>Assign the filter to the appropriate user account<\/li>\n<\/ol>\n\n\n\n<p><strong>Important:<\/strong> To utilize any filtering capabilities, the user performing these actions must possess the <strong><code><code><strong><a href=\"https:\/\/dev.mysql.com\/doc\/refman\/9.3\/en\/privileges-provided.html#priv_audit-admin\" target=\"_blank\" rel=\"noopener\" title=\"AUDIT_ADMIN  - Enables audit log configuration.\">AUDIT_ADMIN<\/a><\/strong><\/code><\/code><\/strong> privilege.<\/p>\n\n\n\n<div style=\"height:25px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<p>In this article,&nbsp;I&rsquo;m using HeatWave  8.4.5:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code lang=\"sql\" class=\"language-sql\">SELECT VERSION();\n+----------------+\n| VERSION()      |\n+----------------+\n| 8.4.5-u2-cloud |\n+----------------+<\/code><\/pre>\n\n\n\n<div style=\"height:50px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<h2 class=\"wp-block-heading\">Verify that HeatWave MySQL Audit is enabled<\/h2>\n\n\n\n<p>HeatWave MySQL Database Audit is enable by default. You can check using the following queries:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code lang=\"sql\" class=\"language-sql\">SQL&gt; \n-- Checks at the server plugins level\nSELECT\n    PLUGIN_NAME,\n    PLUGIN_STATUS\nFROM\n    INFORMATION_SCHEMA.PLUGINS\nWHERE\n    PLUGIN_NAME LIKE 'audit%';\n+-------------+---------------+\n| PLUGIN_NAME | PLUGIN_STATUS |\n+-------------+---------------+\n| audit_log   | ACTIVE        |\n+-------------+---------------+\n\n\n-- Check at the component-based infrastructure level\nSELECT \n    * \nFROM \n    mysql.component \nWHERE \n    component_urn LIKE '%audit%'\\G\n*************************** 1. row ***************************\n      component_id: 6\ncomponent_group_id: 6\n     component_urn: file:\/\/component_audit_api_message_emit<\/code><\/pre>\n\n\n\n<div style=\"height:25px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<p>You can see all the audit feature related functions using <a href=\"https:\/\/dev.mysql.com\/doc\/refman\/8.4\/en\/performance-schema.html\" target=\"_blank\" rel=\"noopener\" title=\"MySQL Performance Schema\">performance_schema<\/a>.<a href=\"https:\/\/dev.mysql.com\/doc\/refman\/8.4\/en\/performance-schema-user-defined-functions-table.html\" target=\"_blank\" rel=\"noopener\" title=\"The user_defined_functions Table\"><code><em>user_defined_functions<\/em><\/code><\/a> table:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code lang=\"sql\" class=\"language-sql\">SELECT * FROM performance_schema.user_defined_functions WHERE UDF_LIBRARY='audit_log.so';\n+-----------------------------------+-----------------+----------+--------------+-----------------+\n| UDF_NAME                          | UDF_RETURN_TYPE | UDF_TYPE | UDF_LIBRARY  | UDF_USAGE_COUNT |\n+-----------------------------------+-----------------+----------+--------------+-----------------+\n| audit_log_rotate                  | char            | function | audit_log.so |               1 |\n| audit_log_read                    | char            | function | audit_log.so |               1 |\n| audit_log_filter_remove_filter    | char            | function | audit_log.so |               1 |\n| audit_log_encryption_password_set | integer         | function | audit_log.so |               1 |\n| audit_log_filter_set_filter       | char            | function | audit_log.so |               1 |\n| audit_log_encryption_password_get | char            | function | audit_log.so |               1 |\n| audit_log_filter_remove_user      | char            | function | audit_log.so |               1 |\n| audit_log_filter_set_user         | char            | function | audit_log.so |               1 |\n| audit_log_read_bookmark           | char            | function | audit_log.so |               1 |\n| audit_log_filter_flush            | char            | function | audit_log.so |               1 |\n+-----------------------------------+-----------------+----------+--------------+-----------------+<\/code><\/pre>\n\n\n\n<p>The&nbsp;<code><em>user_defined_functions<\/em><\/code>&nbsp;table contains a row for each loadable function registered automatically by a component or plugin, or manually by a&nbsp;<a href=\"https:\/\/dev.mysql.com\/doc\/refman\/8.4\/en\/create-function-loadable.html\" target=\"_blank\" rel=\"noopener\" title=\"CREATE FUNCTION Statement for Loadable Functions\"><code><em>CREATE FUNCTION<\/em><\/code><\/a>&nbsp;statement.<\/p>\n\n\n\n<div style=\"height:25px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<h2 class=\"wp-block-heading\">Create the DML Audit Filter<\/h2>\n\n\n\n<p>The filer to log all DMLs running on HeatWave MySQL is quite simple. We are using a JSON syntax:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code lang=\"sql\" class=\"language-sql\">SET @dml_filter = '{\n  \"filter\": {\n    \"class\": {\n      \"name\": \"table_access\",\n      \"event\": {\n        \"name\": [\"insert\", \"update\", \"delete\"],\n        \"log\": true\n      }\n    }\n  }\n}'\n;<\/code><\/pre>\n\n\n\n<p>This filter logs only DML operations by checking SQL statement types (that is INSERT \/ UPDATE \/ DELETE \/ TRUNCATE TABLE \/ REPLACE \/ LOAD DATA \/ LOAD XML).<\/p>\n\n\n\n<div style=\"height:25px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<h2 class=\"wp-block-heading\">Register the Filter<\/h2>\n\n\n\n<p>Assign the filter a name, using the <a href=\"https:\/\/dev.mysql.com\/doc\/refman\/9.3\/en\/audit-log-reference.html#function_audit-log-filter-set-filter\" target=\"_blank\" rel=\"noopener\" title=\"Given a filter name and definition, adds the filter to the current set of filters\"><code>audit_log_filter_set_filter<\/code><\/a> function (e.g., dml_logger):<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code lang=\"sql\" class=\"language-sql\">SELECT audit_log_filter_set_filter('dml_logger', @dml_filter);\n\n+--------------------------------------------------------+\n| audit_log_filter_set_filter('dml_logger', @dml_filter) |\n+--------------------------------------------------------+\n| OK                                                     |\n+--------------------------------------------------------+<\/code><\/pre>\n\n\n\n<div style=\"height:25px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<p>To view audit filters, run the following command:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code lang=\"sql\" class=\"language-sql\">SELECT * FROM mysql_audit.audit_log_filter\\G\n\n*************************** 1. row ***************************\n  NAME: dml_logger\nFILTER: {\"filter\": {\"class\": {\"name\": \"table_access\", \"event\": {\"log\": true, \"name\": [\"insert\", \"update\", \"delete\"]}}}}<\/code><\/pre>\n\n\n\n<div style=\"height:25px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<h2 class=\"wp-block-heading\">Apply the Filter to the User Account<\/h2>\n\n\n\n<p>Use the <a href=\"https:\/\/dev.mysql.com\/doc\/refman\/9.3\/en\/audit-log-reference.html#function_audit-log-filter-set-user\" target=\"_blank\" rel=\"noopener\" title=\"Given a user account name and a filter name, assigns the filter to the user\"><code>audit_log_filter_set_user<\/code><\/a> function to start filtering an user account.<\/p>\n\n\n\n<p>The syntax for the specific users <code><em>auditee@%<\/em><\/code> is:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code lang=\"sql\" class=\"language-sql\">SELECT audit_log_filter_set_user('auditee@%', 'dml_logger');\n\n+----------------------------------------------------------+\n| audit_log_filter_set_user('auditee@%', 'dml_logger') |\n+----------------------------------------------------------+\n| OK                                                       |\n+----------------------------------------------------------+<\/code><\/pre>\n\n\n\n<div style=\"height:25px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<p>If you want to assign the filter to all users, use the following syntax:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code lang=\"sql\" class=\"language-sql\">SELECT audit_log_filter_set_user('%', 'dml_logger');<\/code><\/pre>\n\n\n\n<p>In our context that could be useful to log all DMLs from any users \/ applications.<\/p>\n\n\n\n<div style=\"height:25px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<p>To unassign this rule, run the following command:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code lang=\"sql\" class=\"language-sql\">SELECT audit_log_filter_remove_user('%');<\/code><\/pre>\n\n\n\n<div style=\"height:25px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<p>To view the assigned rules, run the following command:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code lang=\"sql\" class=\"language-sql\">SELECT * FROM mysql_audit.audit_log_user;\n\n+-------------+------+------------+\n| USER        | HOST | FILTERNAME |\n+-------------+------+------------+\n| auditee     | %    | dml_logger |\n+-------------+------+------------+<\/code><\/pre>\n\n\n\n<div style=\"height:50px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<h2 class=\"wp-block-heading\">Accessing and Analyzing Audit Data<\/h2>\n\n\n\n<p>To access audit data, users can simply query it using standard SQL. The primary method for retrieving this information is <code><a href=\"https:\/\/dev.mysql.com\/doc\/refman\/8.4\/en\/audit-log-reference.html#function_audit-log-read\" target=\"_blank\" rel=\"noopener\" title=\"Reads the audit log and returns a JSON string result\">audit_log_read()<\/a><\/code>, which returns the audit records in <strong>JSON format<\/strong>.<\/p>\n\n\n\n<p>For a basic example of how to extract audit log entries, use the following command:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code lang=\"sql\" class=\"language-sql\">SELECT audit_log_read(audit_log_read_bookmark());<\/code><\/pre>\n\n\n\n<div style=\"height:20px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<p>To display the audit data in a more readable format, use the<em><code> <a href=\"https:\/\/dev.mysql.com\/doc\/refman\/8.4\/en\/json-utility-functions.html#function_json-pretty\" target=\"_blank\" rel=\"noopener\" title=\"Provides pretty-printing of JSON values\">JSON_PRETTY()<\/a><\/code><\/em> and <code><a href=\"https:\/\/dev.mysql.com\/doc\/refman\/8.4\/en\/cast-functions.html#function_convert\" target=\"_blank\" rel=\"noopener\" title=\"Cast a value as a certain type\"><em>CONVERT()<\/em><\/a><\/code> functions:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code lang=\"sql\" class=\"language-sql\">SELECT JSON_PRETTY(CONVERT(audit_log_read(audit_log_read_bookmark()) USING UTF8MB4))\\G<\/code><\/pre>\n\n\n\n<div style=\"height:20px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<p>You can refine your audit data extraction by passing additional parameters to the <code><code><a href=\"https:\/\/dev.mysql.com\/doc\/refman\/8.4\/en\/audit-log-reference.html#function_audit-log-read\" target=\"_blank\" rel=\"noopener\" title=\"Reads the audit log and returns a JSON string result\"><em>audit_log_read()<\/em><\/a><\/code><\/code> function.<br>For example, to retrieve, 10 entries of audit logs starting from a specific timestamp, you can use:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code lang=\"sql\" class=\"language-sql\">SELECT JSON_PRETTY(CONVERT(audit_log_read('{ \"start\": { \"timestamp\": \"2025-07-02 15:28:12\" }, \"max_array_length\": 10 }')USING UTF8MB4))\\G<\/code><\/pre>\n\n\n\n<div style=\"height:20px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<p><strong>Note<\/strong>. You can also use the MySQL&rsquo;s JSON function <a href=\"https:\/\/dev.mysql.com\/doc\/refman\/8.4\/en\/json-table-functions.html\" target=\"_blank\" rel=\"noopener\" title=\"JSON Table Functions\"><code><em>JSON_TABLE<\/em><\/code><\/a>, to transform audit data into a tabular format. For example to extract a subset of JSON name-value pairs and convert them into a structured table, making the data easier to work with and analyze.<\/p>\n\n\n\n<div style=\"height:50px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<h2 class=\"wp-block-heading\">Playground<\/h2>\n\n\n\n<p>My application uses the <code><em>auditee<\/em><\/code> user account, which has the necessary privileges on the <code><em>s1<\/em><\/code> schema as well as the <code><strong><code><strong><a href=\"https:\/\/dev.mysql.com\/doc\/refman\/9.3\/en\/privileges-provided.html#priv_audit-admin\" target=\"_blank\" rel=\"noopener\" title=\"AUDIT_ADMIN\u00a0privilege\">AUDIT_ADMIN<\/a><\/strong><\/code><\/strong><\/code> privilege:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code lang=\"sql\" class=\"language-sql\">CREATE USER auditee@'%' IDENTIFIED BY 'My5up4rP@sS';\n\nGRANT ALL ON s1.* TO auditee@'%';\n\nGRANT AUDIT_ADMIN ON *.* TO auditee@'%';<\/code><\/pre>\n\n\n\n<div style=\"height:20px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<p>and for this demo I&rsquo;ll use the table <em>s1.t1<\/em>:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code lang=\"sql\" class=\"language-sql\">CREATE SCHEMA s1;\nUSE s1;\n\nCREATE TABLE `t1` (\n  `id` int NOT NULL AUTO_INCREMENT,\n  PRIMARY KEY (`id`)\n);<\/code><\/pre>\n\n\n\n<div style=\"height:20px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<p>Inside a session using the <code><em>auditee@%<\/em><\/code> user account:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code lang=\"sql\" class=\"language-sql\">SQL> SELECT CURRENT_USER();\n+----------------+\n| CURRENT_USER() |\n+----------------+\n| auditee@%      |\n+----------------+<\/code><\/pre>\n\n\n\n<div style=\"height:20px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<p>Let&rsquo;s run some queries:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code lang=\"sql\" class=\"language-sql\">SQL> INSERT t1 VALUES (NULL);\nQuery OK, 1 row affected (0.0029 sec)\n\nSQL> SELECT * FROM t1;\n+----+\n| id |\n+----+\n|  1 |\n+----+<\/code><\/pre>\n\n\n\n<div style=\"height:20px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<p>We can access the audit data through the SQL interface using the <code><em>audit_log_read()<\/em><\/code> function, as demonstrated earlier:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code lang=\"sql\" class=\"language-sql\">SELECT JSON_PRETTY(CONVERT(audit_log_read(audit_log_read_bookmark()) USING UTF8MB4))\\G\n\n*************************** 1. row ***************************\nJSON_PRETTY(CONVERT(audit_log_read(audit_log_read_bookmark()) USING UTF8MB4)): [\n  {\n    \"id\": 0,\n    \"ts\": 1751493370,\n    \"class\": \"table_access\",\n    \"event\": \"insert\",\n    \"login\": {\n      \"ip\": \"10.0.0.241\",\n      \"os\": \"\",\n      \"user\": \"auditee\",\n      \"proxy\": \"\"\n    },\n    \"account\": {\n      \"host\": \"jumpserver.xxxxxxxxxx.yyyyyyyy.oraclevcn.com\",\n      \"user\": \"auditee\"\n    },\n    \"timestamp\": \"2025-07-02 21:56:10\",\n    \"connection_id\": 31332,\n    \"table_access_data\": {\n      \"db\": \"s1\",\n      \"query\": \"INSERT t1 VALUES (NULL)\",\n      \"table\": \"t1\",\n      \"sql_command\": \"insert\"\n    }\n  },\n  null\n]<\/code><\/pre>\n\n\n\n<p>As expected, the INSERT command is logged, not the SELECT.<\/p>\n\n\n\n<div style=\"height:50px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<p>User <em>auditee<\/em> is now running the following queries:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code lang=\"sql\" class=\"language-sql\">UPDATE t1 SET id=100 WHERE id=1;\n\nSELECT * FROM t1;\n\nDELETE FROM t1;<\/code><\/pre>\n\n\n\n<div style=\"height:20px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<p>The audit log should contain the two DML statements, but not the SELECT query:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code lang=\"sql\" class=\"language-sql\">-- events in the log\nSELECT JSON_PRETTY(CONVERT(audit_log_read(audit_log_read_bookmark()) USING UTF8MB4))\\G\n*************************** 1. row ***************************\nJSON_PRETTY(CONVERT(audit_log_read(audit_log_read_bookmark()) USING UTF8MB4)): [\n  {\n    \"id\": 0,\n    \"ts\": 1751493469,\n    \"class\": \"table_access\",\n    \"event\": \"update\",\n    \"login\": {\n      \"ip\": \"10.0.0.241\",\n      \"os\": \"\",\n      \"user\": \"auditee\",\n      \"proxy\": \"\"\n    },\n    \"account\": {\n      \"host\": \"jumpserver.xxxxxxxxxx.yyyyyyyy.oraclevcn.com\",\n      \"user\": \"auditee\"\n    },\n    \"timestamp\": \"2025-07-02 21:57:49\",\n    \"connection_id\": 31332,\n    \"table_access_data\": {\n      \"db\": \"s1\",\n      \"query\": \"UPDATE t1 SET id=100 WHERE id=1\",\n      \"table\": \"t1\",\n      \"sql_command\": \"update\"\n    }\n  },\n  {\n    \"id\": 1,\n    \"ts\": 1751493469,\n    \"class\": \"table_access\",\n    \"event\": \"delete\",\n    \"login\": {\n      \"ip\": \"10.0.0.241\",\n      \"os\": \"\",\n      \"user\": \"auditee\",\n      \"proxy\": \"\"\n    },\n    \"account\": {\n      \"host\": \"jumpserver.xxxxxxxxxx.yyyyyyyy.oraclevcn.com\",\n      \"user\": \"auditee\"\n    },\n    \"timestamp\": \"2025-07-02 21:57:49\",\n    \"connection_id\": 31332,\n    \"table_access_data\": {\n      \"db\": \"s1\",\n      \"query\": \"DELETE FROM t1\",\n      \"table\": \"t1\",\n      \"sql_command\": \"delete\"\n    }\n  },\n  null\n]<\/code><\/pre>\n\n\n\n<p>Et voil\u00e0!<\/p>\n\n\n\n<div style=\"height:25px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<p style=\"text-decoration:underline\"><strong>Let&rsquo;s finish this article with some examples in bulk<\/strong><\/p>\n\n\n\n<p>Starting from a particular timestamp (2025-07-02 21:56:10):<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code lang=\"sql\" class=\"language-sql\">-- At most 3 events at that time\nSELECT JSON_PRETTY(CONVERT(audit_log_read('{ \"start\": { \"timestamp\": \"2025-07-02 21:56:10\" }, \"max_array_length\": 3 }')USING UTF8MB4))\\G\n*************************** 1. row ***************************\nJSON_PRETTY(CONVERT(audit_log_read('{ \"start\": { \"timestamp\": \"2025-07-02 21:56:10\" }, \"max_array_length\": 3 }')USING UTF8MB4)): [\n  {\n    \"id\": 0,\n    \"ts\": 1751493370,\n    \"class\": \"table_access\",\n    \"event\": \"insert\",\n    \"login\": {\n      \"ip\": \"10.0.0.241\",\n      \"os\": \"\",\n      \"user\": \"auditee\",\n      \"proxy\": \"\"\n    },\n    \"account\": {\n      \"host\": \"jumpserver.xxxxxxxxxx.yyyyyyyy.oraclevcn.com\",\n      \"user\": \"auditee\"\n    },\n    \"timestamp\": \"2025-07-02 21:56:10\",\n    \"connection_id\": 31332,\n    \"table_access_data\": {\n      \"db\": \"s1\",\n      \"query\": \"INSERT t1 VALUES (NULL)\",\n      \"table\": \"t1\",\n      \"sql_command\": \"insert\"\n    }\n  },\n  {\n    \"id\": 0,\n    \"ts\": 1751493469,\n    \"class\": \"table_access\",\n    \"event\": \"update\",\n    \"login\": {\n      \"ip\": \"10.0.0.241\",\n      \"os\": \"\",\n      \"user\": \"auditee\",\n      \"proxy\": \"\"\n    },\n    \"account\": {\n      \"host\": \"jumpserver.xxxxxxxxxx.yyyyyyyy.oraclevcn.com\",\n      \"user\": \"auditee\"\n    },\n    \"timestamp\": \"2025-07-02 21:57:49\",\n    \"connection_id\": 31332,\n    \"table_access_data\": {\n      \"db\": \"s1\",\n      \"query\": \"UPDATE t1 SET id=100 WHERE id=1\",\n      \"table\": \"t1\",\n      \"sql_command\": \"update\"\n    }\n  },\n  {\n    \"id\": 1,\n    \"ts\": 1751493469,\n    \"class\": \"table_access\",\n    \"event\": \"delete\",\n    \"login\": {\n      \"ip\": \"10.0.0.241\",\n      \"os\": \"\",\n      \"user\": \"auditee\",\n      \"proxy\": \"\"\n    },\n    \"account\": {\n      \"host\": \"jumpserver.xxxxxxxxxx.yyyyyyyy.oraclevcn.com\",\n      \"user\": \"auditee\"\n    },\n    \"timestamp\": \"2025-07-02 21:57:49\",\n    \"connection_id\": 31332,\n    \"table_access_data\": {\n      \"db\": \"s1\",\n      \"query\": \"DELETE FROM t1\",\n      \"table\": \"t1\",\n      \"sql_command\": \"delete\"\n    }\n  },\n  null\n]<\/code><\/pre>\n\n\n\n<div style=\"height:25px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<p>First event (max_array_length: 1) at that particular timestamp (2025-07-02 21:56:10):<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code lang=\"sql\" class=\"language-sql\">-- first event at that time\nSELECT JSON_PRETTY(CONVERT(audit_log_read('{ \"start\": { \"timestamp\": \"2025-07-02 21:56:10\" }, \"max_array_length\": 1 }')USING UTF8MB4))\\G\n*************************** 1. row ***************************\nJSON_PRETTY(CONVERT(audit_log_read('{ \"start\": { \"timestamp\": \"2025-07-02 21:56:10\" }, \"max_array_length\": 1 }')USING UTF8MB4)): [\n  {\n    \"id\": 0,\n    \"ts\": 1751493370,\n    \"class\": \"table_access\",\n    \"event\": \"insert\",\n    \"login\": {\n      \"ip\": \"10.0.0.241\",\n      \"os\": \"\",\n      \"user\": \"auditee\",\n      \"proxy\": \"\"\n    },\n    \"account\": {\n      \"host\": \"jumpserver.xxxxxxxxxx.yyyyyyyy.oraclevcn.com\",\n      \"user\": \"auditee\"\n    },\n    \"timestamp\": \"2025-07-02 21:56:10\",\n    \"connection_id\": 31332,\n    \"table_access_data\": {\n      \"db\": \"s1\",\n      \"query\": \"INSERT t1 VALUES (NULL)\",\n      \"table\": \"t1\",\n      \"sql_command\": \"insert\"\n    }\n  }\n]<\/code><\/pre>\n\n\n\n<div style=\"height:25px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<p>Second event (id=1) at that particular timestamp (2025-07-02 21:57:49)<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code lang=\"sql\" class=\"language-sql\">-- event id=1 at that time\nSELECT JSON_PRETTY(CONVERT(audit_log_read('{ \"timestamp\": \"2025-07-02 21:57:49\", \"id\": 1 }')USING UTF8MB4))\\G\n*************************** 1. row ***************************\nJSON_PRETTY(CONVERT(audit_log_read('{ \"timestamp\": \"2025-07-02 21:57:49\", \"id\": 1 }')USING UTF8MB4)): [\n  {\n    \"id\": 1,\n    \"ts\": 1751493469,\n    \"class\": \"table_access\",\n    \"event\": \"delete\",\n    \"login\": {\n      \"ip\": \"10.0.0.241\",\n      \"os\": \"\",\n      \"user\": \"auditee\",\n      \"proxy\": \"\"\n    },\n    \"account\": {\n      \"host\": \"jumpserver.xxxxxxxxxx.yyyyyyyy.oraclevcn.com\",\n      \"user\": \"auditee\"\n    },\n    \"timestamp\": \"2025-07-02 21:57:49\",\n    \"connection_id\": 31332,\n    \"table_access_data\": {\n      \"db\": \"s1\",\n      \"query\": \"DELETE FROM t1\",\n      \"table\": \"t1\",\n      \"sql_command\": \"delete\"\n    }\n  },\n  null\n]<\/code><\/pre>\n\n\n\n<div style=\"height:50px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<h2 class=\"wp-block-heading\">Peroraison<\/h2>\n\n\n\n<p>HeatWave MySQL Database Audit offers a powerful, enterprise-grade auditing framework that seamlessly extends MySQL Enterprise Audit capabilities to the cloud. By enabling fine-grained filtering, real-time monitoring, and flexible log access via SQL, it empowers database administrators and security teams to ensure compliance, enhance visibility, and strengthen operational security.<\/p>\n\n\n\n<p>In this article, we demonstrated how to track all DML operations executed by a specific application user using a dedicated audit filter. From enabling the audit plugin to querying structured audit logs, HeatWave makes it straightforward to implement robust auditing practices with minimal overhead.<\/p>\n\n\n\n<p>Whether you&rsquo;re working toward regulatory compliance, safeguarding sensitive data, or optimizing database performance, HeatWave MySQL Database Audit equips you with the tools needed to meet modern data governance and security demands\u2014efficiently and effectively.<\/p>\n\n\n\n<p>By leveraging HeatWave MySQL Database Audit, you&rsquo;re not just logging data; you&rsquo;re building a foundation of trust and accountability for your critical database operations.<\/p>\n\n\n\n<div style=\"height:50px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<p>Stay tuned for more insights!<\/p>\n\n\n<div class=\"wp-block-image is-style-default\">\n<figure data-wp-context=\"{&quot;imageId&quot;:&quot;6a03918dd7aaf&quot;}\" data-wp-interactive=\"core\/image\" data-wp-key=\"6a03918dd7aaf\" class=\"aligncenter size-thumbnail wp-lightbox-container\"><img loading=\"lazy\" decoding=\"async\" width=\"830\" height=\"271\" data-wp-class--hide=\"state.isContentHidden\" data-wp-class--show=\"state.isContentVisible\" data-wp-init=\"callbacks.setButtonStyles\" data-wp-on--click=\"actions.showLightbox\" data-wp-on--load=\"callbacks.setButtonStyles\" data-wp-on-window--resize=\"callbacks.setButtonStyles\" src=\"https:\/\/i0.wp.com\/dasini.net\/blog\/wp-content\/uploads\/2024\/12\/HeatWave_logo.png?resize=150%2C150&amp;ssl=1\" alt=\"HeatWave\" class=\"wp-image-7222\" srcset=\"https:\/\/i0.wp.com\/dasini.net\/blog\/wp-content\/uploads\/2024\/12\/HeatWave_logo.png?w=830&amp;ssl=1 830w, https:\/\/i0.wp.com\/dasini.net\/blog\/wp-content\/uploads\/2024\/12\/HeatWave_logo.png?resize=300%2C98&amp;ssl=1 300w, https:\/\/i0.wp.com\/dasini.net\/blog\/wp-content\/uploads\/2024\/12\/HeatWave_logo.png?resize=800%2C261&amp;ssl=1 800w, https:\/\/i0.wp.com\/dasini.net\/blog\/wp-content\/uploads\/2024\/12\/HeatWave_logo.png?resize=768%2C251&amp;ssl=1 768w\" sizes=\"auto, (max-width: 830px) 100vw, 830px\" \/><button\n\t\t\tclass=\"lightbox-trigger\"\n\t\t\ttype=\"button\"\n\t\t\taria-haspopup=\"dialog\"\n\t\t\taria-label=\"Agrandir\"\n\t\t\tdata-wp-init=\"callbacks.initTriggerButton\"\n\t\t\tdata-wp-on--click=\"actions.showLightbox\"\n\t\t\tdata-wp-style--right=\"state.imageButtonRight\"\n\t\t\tdata-wp-style--top=\"state.imageButtonTop\"\n\t\t>\n\t\t\t<svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"12\" height=\"12\" fill=\"none\" viewBox=\"0 0 12 12\">\n\t\t\t\t<path fill=\"#fff\" d=\"M2 0a2 2 0 0 0-2 2v2h1.5V2a.5.5 0 0 1 .5-.5h2V0H2Zm2 10.5H2a.5.5 0 0 1-.5-.5V8H0v2a2 2 0 0 0 2 2h2v-1.5ZM8 12v-1.5h2a.5.5 0 0 0 .5-.5V8H12v2a2 2 0 0 1-2 2H8Zm2-12a2 2 0 0 1 2 2v2h-1.5V2a.5.5 0 0 0-.5-.5H8V0h2Z\" \/>\n\t\t\t<\/svg>\n\t\t<\/button><\/figure>\n<\/div>\n\n\n<div style=\"height:20px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<p><a href=\"https:\/\/www.linkedin.com\/groups\/12524512\/\" target=\"_blank\" rel=\"noopener\" title=\"Olivier DASINI on Linkedin\">Follow me on Linkedin<\/a><\/p>\n\n\n\n<p>Watch my videos on my <a href=\"https:\/\/www.youtube.com\/channel\/UC12TulyJsJZHoCmby3Nm3WQ\" target=\"_blank\" rel=\"noreferrer noopener\" title=\"Olivier's MySQL Channel\">YouTube channel<\/a> and <a href=\"https:\/\/www.youtube.com\/channel\/UC12TulyJsJZHoCmby3Nm3WQ\/?sub_confirmation=1\" target=\"_blank\" rel=\"noreferrer noopener\" title=\"Subscribe\">subscribe<\/a>.<\/p>\n\n\n\n<p>My <a href=\"https:\/\/www.slideshare.net\/freshdaz\" target=\"_blank\" rel=\"noreferrer noopener\" title=\"Olivier DASINI on Slideshare\">Slideshare account<\/a>.<\/p>\n\n\n\n<p>My <a href=\"https:\/\/speakerdeck.com\/freshdaz\/\" target=\"_blank\" rel=\"noreferrer noopener\" title=\"Olivier DASINI on Speaker Deck\">Speaker Deck account<\/a>.<\/p>\n\n\n\n<div style=\"height:25px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<p class=\"has-vivid-red-color has-text-color\"><strong>Thanks for using HeatWave &amp; MySQL!<\/strong><\/p>\n\n\n\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>HeatWave MySQL Database Audit brings powerful enterprise-grade auditing capabilities to the cloud, allowing organizations to monitor and track database activity for security, compliance, and performance optimization. With features like customizable filters, real-time monitoring, minimal overhead, and seamless integration with MySQL tools, it enables administrators to log critical operations, detect threats, and maintain detailed records for regulatory requirements. The audit system is easy to set up, supports granular activity tracking, and provides actionable insights directly through the SQL interface.<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"footnotes":""},"categories":[1694,1719,203,365,339],"tags":[385,306,1697,383,367],"class_list":["post-7929","post","type-post","status-publish","format-standard","hentry","category-heatwave-en","category-mds-en","category-mysql-en","category-security","category-tuto-en","tag-audit-en","tag-cloud","tag-heatwave-fr-en","tag-mysql-enterprise","tag-security"],"aioseo_notices":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p9LfWW-23T","jetpack-related-posts":[{"id":2222,"url":"https:\/\/dasini.net\/blog\/2018\/04\/04\/mysql-security-mysql-enterprise-audit\/","url_meta":{"origin":7929,"position":0},"title":"MySQL Security &#8211; MySQL Enterprise Audit","author":"Olivier DASINI","date":"4 avril 2018","format":false,"excerpt":"In order to spot database misuse and\/or to prove compliance to popular regulations including GDPR, PCI DSS, HIPAA, ... database administrators can be required to record and audit database activities. In this fifth episode of the\u00a0MySQL Security series, we will see what MySQL Enterprise Audit provide to help organizations implement\u2026","rel":"","context":"Dans &quot;MySQL&quot;","block_context":{"text":"MySQL","link":"https:\/\/dasini.net\/blog\/category\/mysql-en\/"},"img":{"alt_text":"MySQL Security","src":"https:\/\/i0.wp.com\/dasini.net\/blog\/wp-content\/uploads\/MySQL_DB_Lock2.png?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":2177,"url":"https:\/\/dasini.net\/blog\/2018\/03\/14\/mysql-security-user-account-locking\/","url_meta":{"origin":7929,"position":1},"title":"MySQL Security &#8211; User Account Locking","author":"Olivier DASINI","date":"14 mars 2018","format":false,"excerpt":"For security reasons some context require you to setup a user account locking policy. Thus an unauthorized user is not able (anymore) to login to the MySQL server. In this 3rd article of the\u00a0MySQL 5.7 Security series, we\u00a0will see how to [un]lock a user account.","rel":"","context":"Dans &quot;MySQL&quot;","block_context":{"text":"MySQL","link":"https:\/\/dasini.net\/blog\/category\/mysql-en\/"},"img":{"alt_text":"MySQL Security","src":"https:\/\/i0.wp.com\/dasini.net\/blog\/wp-content\/uploads\/MySQL_DB_Lock2.png?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":3557,"url":"https:\/\/dasini.net\/blog\/2020\/04\/15\/mysql-security-random-password-generation\/","url_meta":{"origin":7929,"position":2},"title":"MySQL Security &#8211; Random Password Generation","author":"Olivier DASINI","date":"15 avril 2020","format":false,"excerpt":"MySQL has the capability of generating random passwords for user accounts, as an alternative to requiring explicit administrator-specified literal passwords.","rel":"","context":"Dans &quot;MySQL&quot;","block_context":{"text":"MySQL","link":"https:\/\/dasini.net\/blog\/category\/mysql-en\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/img.youtube.com\/vi\/VND0KvuX7bc\/0.jpg?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":2248,"url":"https:\/\/dasini.net\/blog\/2018\/04\/10\/mysql-security-mysql-enterprise-transparent-data-encryption\/","url_meta":{"origin":7929,"position":3},"title":"MySQL Security &#8211; MySQL Enterprise Transparent Data Encryption","author":"Olivier DASINI","date":"10 avril 2018","format":false,"excerpt":"In this sixth episode of the\u00a0MySQL Security series, we will see\u00a0how data-at-rest encryption\u00a0helps organizations implement stronger security controls and satisfy regulatory compliance. You will be able to protect the privacy of your information, prevent data breaches and help meet popular regulatory requirements including GDPR, PCI DSS, HIPAA with MySQL Enterprise\u2026","rel":"","context":"Dans &quot;MySQL&quot;","block_context":{"text":"MySQL","link":"https:\/\/dasini.net\/blog\/category\/mysql-en\/"},"img":{"alt_text":"MySQL Security","src":"https:\/\/i0.wp.com\/dasini.net\/blog\/wp-content\/uploads\/MySQL_DB_Lock2.png?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":4943,"url":"https:\/\/dasini.net\/blog\/2021\/09\/07\/discovering-mysql-database-service-episode-6-update-the-private-subnet-security-list\/","url_meta":{"origin":7929,"position":4},"title":"Discovering MySQL Database Service \u2013 Episode 6 \u2013 Update the Private Subnet Security List","author":"Olivier DASINI","date":"7 septembre 2021","format":false,"excerpt":"MySQL, the world\u2019s most popular open source database, is available as a managed cloud service in Oracle Cloud Infrastructure (OCI) under the name of MySQL Database Service (MDS). This is the sixth episode of \u201cDiscovering MySQL Database Service\u201c, a series of tutorials where I will show you, step by step,\u2026","rel":"","context":"Dans &quot;Cloud&quot;","block_context":{"text":"Cloud","link":"https:\/\/dasini.net\/blog\/category\/cloud\/"},"img":{"alt_text":"MySQL Database Service","src":"https:\/\/i0.wp.com\/dasini.net\/blog\/wp-content\/uploads\/2021\/06\/MDS_car_801x600.png?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/dasini.net\/blog\/wp-content\/uploads\/2021\/06\/MDS_car_801x600.png?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/dasini.net\/blog\/wp-content\/uploads\/2021\/06\/MDS_car_801x600.png?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/dasini.net\/blog\/wp-content\/uploads\/2021\/06\/MDS_car_801x600.png?resize=700%2C400&ssl=1 2x"},"classes":[]},{"id":2353,"url":"https:\/\/dasini.net\/blog\/2018\/04\/16\/mysql-security-mysql-enterprise-firewall\/","url_meta":{"origin":7929,"position":5},"title":"MySQL Security \u2013 MySQL Enterprise Firewall","author":"Olivier DASINI","date":"16 avril 2018","format":false,"excerpt":"In this seventh episode of the\u00a0MySQL Security series, we will see how MySQL Enterprise Firewall can help you to strengthen the protection of your data, in real-time, against cyber security threats like SQL Injection attacks by monitoring, alerting, and blocking unauthorized database activity without any changes to your applications.","rel":"","context":"Dans &quot;MySQL&quot;","block_context":{"text":"MySQL","link":"https:\/\/dasini.net\/blog\/category\/mysql-en\/"},"img":{"alt_text":"MySQL Security","src":"https:\/\/i0.wp.com\/dasini.net\/blog\/wp-content\/uploads\/MySQL_DB_Lock2.png?resize=350%2C200","width":350,"height":200},"classes":[]}],"jetpack_likes_enabled":true,"_links":{"self":[{"href":"https:\/\/dasini.net\/blog\/wp-json\/wp\/v2\/posts\/7929","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/dasini.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/dasini.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/dasini.net\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/dasini.net\/blog\/wp-json\/wp\/v2\/comments?post=7929"}],"version-history":[{"count":141,"href":"https:\/\/dasini.net\/blog\/wp-json\/wp\/v2\/posts\/7929\/revisions"}],"predecessor-version":[{"id":8072,"href":"https:\/\/dasini.net\/blog\/wp-json\/wp\/v2\/posts\/7929\/revisions\/8072"}],"wp:attachment":[{"href":"https:\/\/dasini.net\/blog\/wp-json\/wp\/v2\/media?parent=7929"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/dasini.net\/blog\/wp-json\/wp\/v2\/categories?post=7929"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/dasini.net\/blog\/wp-json\/wp\/v2\/tags?post=7929"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}