Saturday Sep 29, 2012

New in MySQL Enterprise Edition: Policy-based Auditing!

For those with an interest in MySQL, this weekend's MySQL Connect conference in San Francisco has gotten off to a great start. On Saturday Tomas announced the feature complete MySQL 5.6 Release Candidate that is now available for Community adoption and testing. This announcement marks the sprint to GA that should be ready for release within the next 90 days. You can get a quick summary of the key 5.6 features here or better yet download the 5.6 RC (under “Development Releases”), review what's new and try it out for yourself! There were also product related announcements around MySQL Cluster 7.3 and MySQL Enterprise Edition . This latter announcement is of particular interest if you are faced with internal and regulatory compliance requirements as it addresses and solves a pain point that is shared by most developers and DBAs; new, out of the box compliance for MySQL applications via policy-based audit logging of user and query level activity.

One of the most common requests we get for the MySQL roadmap is for quick and easy logging of audit events. This is mainly due to how web-based applications have evolved from nice-to-have enablers to mission-critical revenue generation and the important role MySQL plays in the new dynamic. In today’s virtual marketplace, PCI compliance guidelines ensure credit card data is secure within e-commerce apps; from a corporate standpoint, Sarbanes-Oxely, HIPAA and other regulations guard the medical, financial, public sector and other personal data centric industries. For supporting applications audit policies and controls that monitor the eyes and hands that have viewed and acted upon the most sensitive of data is most commonly implemented on the back-end database.

With this in mind, MySQL 5.5 introduced an open audit plugin API that enables all MySQL users to write their own auditing plugins based on application specific requirements. While the supporting docs are very complete and provide working code samples, writing an audit plugin requires time and low-level expertise to develop, test, implement and maintain. To help those who don't have the time and/or expertise to develop such a plugin, Oracle now ships MySQL 5.5.28 and higher with an easy to use, out-of-the-box auditing solution; MySQL Enterprise Audit.

MySQL Enterprise Audit

The premise behind MySQL Enterprise Audit is simple; we wanted to provide an easy to use, policy-based auditing solution that enables you to quickly and seamlessly add compliance to your MySQL applications. MySQL Enterprise Audit meets this requirement by enabling you to:

1. Easily install the needed components.

Installation requires an upgrade to MySQL 5.5.28 (Enterprise edition), which can be downloaded from the My Oracle Support portal or the Oracle Software Delivery Cloud. After installation, you simply add the following to your my.cnf file to register and enable the audit plugin:

[mysqld] (keep in mind the audit_log suffix is platform dependent, so .dll on Windows, etc.)

or alternatively you can load the plugin at runtime:

mysql> INSTALL PLUGIN audit_log SONAME '';

2. Dynamically enable and disable the audit stream for a specific MySQL server.

A new global variable called audit_log_policy allows you to dynamically enable and disable audit stream logging for a specific MySQL server. The variable parameters are described below.

3. Define audit policy based on what needs to be logged (everything, logins, queries, or nothing), by server.

The new audit_log_policy variable uses the following valid, descriptively named values to enable, disable audit stream logging and to filter the audit events that are logged to the audit stream:

  • "ALL" - enable audit stream and log all events

  • "LOGINS" - enable audit stream and log only login events

  • "QUERIES" - enable audit stream and log only querie events

  • "NONE" - disable audit stream

4. Manage audit log files using basic MySQL log rotation features.

A new global variable, audit_log_rotate_on_size, allows you to automate the rotation and archival of audit stream log files based on size with archived log files renamed and appended with datetime stamp when a new file is opened for logging.

5. Integrate the MySQL audit stream with MySQL, Oracle tools and other third-party solutions.

The MySQL audit stream is written as XML, using UFT-8 and can be easily formatted for viewing using a standard XML parser. This enables you to leverage tools from MySQL and others to view the contents. The audit stream was also developed to meet the Oracle database audit stream specification so combined Oracle/MySQL shops can import and manage MySQL audit images using the same Oracle tools they use for their Oracle databases.

So assuming a successful MySQL 5.5.28 upgrade or installation, a common set up and use case scenario might look something like this:

It should be noted that MySQL Enterprise Audit was designed to be transparent at the application layer by allowing you to control the mix of log output buffering and asynchronous or synchronous disk writes to minimize the associated overhead that comes when the audit stream is enabled. The net result is that, depending on the chosen audit stream log stream options, most application users will see little to no difference in response times when the audit stream is enabled.

So what are your next steps?

As always, thanks for your continued support of MySQL!

Monday Aug 15, 2011

Oracle Virtualization Launch

A few weeks ago we announced the Oracle VM Template for MySQL Enterprise Edition, which helps eliminate manual configuration efforts and risks by providing a pre-installed, pre-configured and certified software stack including Oracle VM Server for x86, Oracle Linux with the Unbreakable Enterprise Kernel and MySQL Enterprise Edition.

On Tuesday August 23rd at 10.00 am PT, Oracle will be hosting an Oracle virtualization launch event.

If you’re based in the SF bay area, you’re welcome to join the event in person at the Oracle Conference Center. Professor Hector Garcia-Molina and Oracle virtualization experts Edward Screven, Wim Coekaerts, and Hasan Rizvi will share their views on the impact and evolution of virtualization.  Space is limited so register now!

Alternatively, you can watch the live webcast.

Thursday Aug 04, 2011

Oracle OpenWorld: One More Week to Enjoy Early Bird Rate and Extra Discount!

The early bird registration for Oracle OpenWorld has been extended to August 12. Sign up now to save $500 with the early bird rate, plus an extra $500 discount using the code "MYSQL11", which adds up to $1,000 savings in total compared to the on-site rate!

Don't miss this (extended) opportunity to attend the 40+ MySQL sessions and meet with the MySQL experts face to face. You can find all the MySQL talks at Oracle OpenWorld in the Content Catalog by selecting "MySQL" under the "Database Stream". Highlights include:

  • MySQL - The State of the Dolphin, by Tomas Ulin
  • Advanced MySQL Replication Architectures, by Lars Thalmann and Luis Soares
  • NoSQL Access to MySQL - The Best of Both Worlds, by Andrew Morgan and Bernhard Ocklin
  • MySQL Performance Tuning at Ning, by Chris Schneider and Tom Disheroon
  • Becoming a Rock Star MySQL DBA, by Sheeri Cabral
  • Ticketmaster: Building the Fastest Ticketing Site with MySQL and Oracle Database, by Ed Presz and Jorge Chereque

We look forward to seeing you there!

Monday Apr 04, 2011

MySQL Community Reception by Oracle - Santa Clara

[Read More]

Monday Mar 21, 2011

Oracle OpenWorld 2011, Call for Papers Open

[Read More]

Wednesday Mar 16, 2011

Attend COLLABORATE 11 Virtualy

[Read More]

Get the Latest on MySQL Enterprise Edition

[Read More]

Monday Mar 14, 2011

First Ever MySQL on Windows Online Forum - March 16, 2011

[Read More]

Wednesday Feb 16, 2011

OurSQL: The MySQL Database Community Podcast

[Read More]

Thursday Feb 10, 2011

MySQL - Powering Online Media & Entertainment

[Read More]

Friday Jan 21, 2011

MySQL Events in Europe

[Read More]

Monday Jan 17, 2011

MySQL Makes The Cover of Oracle Magazine!

[Read More]

Tuesday Jan 11, 2011

Central Banks Rely On MySQL Based Simulator

[Read More]

Get the latest updates on products, technology, news, events, webcasts, customers and more.




« August 2016