November 26, 2014

About Miguel Angel Nieto

Miguel joined Percona in October 2011. He has worked as a System Administrator for a Free Software consultant and in the supporting area of the biggest hosting company in Spain. His current focus is improving MySQL and helping the community of Free Software to grow. Miguel's roles inside Percona are Senior Support Engineer and Manager of EMEA Support Team.


  1. Mark Leith says:

    There is also the option of creating a specific log with an Audit API plugin using the MYSQL_AUDIT_CONNECTION_CLASS event class:

    This should give less overhead than the general log approach, and more detailed stats than the user statistics approach (which is generally required for proper auditing).

  2. Some time ago I had a need to temporary log successful connections without using regular log.
    I did it in the following way:

    Wrote UDF function which accepted 4 arguments: user(),current_user(),now(),connection_id().
    Results should be stored into the custom log file.
    Finally, defined init-connect to execute this UDF.

    PS. I almost don’t have users with SUPER privilege, so this way was worked fine for me.

  3. Troy Davis says:

    One more avenue for tailing and searching slow queries, especially with more than one MySQL server, more than one person who cares, or queries that you need to find a day or two later:

    You can use MySQL’s native syslog support (5.1.20 and later) and send it through the system syslog daemon, or keep logging to a standalone log file with either the system syslogd or a transmitter like remote_syslog ( Papertrail gives you the remote syslog target.

    I operate it and the standard first thing that I suggest is a nightly email containing slow queries: Just getting something pushed out on a regular basis seems to help a ton.

  4. Comment from Daniel: if you tcpdump your mysql traffic, pt-query-digest >= 2.1.9 can detect failed connections now. See bug

  5. Shameless plug: you can now use the audit_login plugin, to find out about failed or successful logins; where they came from; attempted user credentials etc.

Speak Your Mind