MySQL 8.0 Enterprise Audit

Tuesday, 07 May 2019 by Lucas Vogel

MySQL Enterprise Audit uses the open MySQL Audit API and Oracle audit specification to provide an easy to use auditing and compliance solution for internal and external regulatory and compliance guidelines.

Category: Enterprise Features

Enterprise Audit]( is a server-side plugin that offers a highly customizable audit log (literally audit.log in the server data directory) of user and administrative activity. You can record events such as:

  • user connect/disconnect events
  • table access and SQL statements
  • application-specific tasks, such as the retrieval or update of a specific record

Audit logs in version 8 are written by default into an XML format compatible with Oracle Audit Vault, however, JSON and the XML format used by previous MySQL versions is also available via the audit_log_format server variable. Compression and encryption options are also available for the audit log.

The Audit Message Component

One of the latest updates to MySQL Enterprise 8 introduces the audit_api_message_emit component, allowing applications to write their own message events to the audit log.

In SQL, the audit_api_message_emit_udf user-defined function is executed in your stored procedure, like this:

SELECT audit_api_message_emit_udf('component_text',
                                         'key1', 'value1',
                                         'key2', 123,
                                         'key3', NULL) AS 'Message';

In your audit log, you'll end up with audit log output looking something like this (JSON):

  "class": "message",
  "event": "user",
  "message_data": {
    "component": "component_text",
    "producer": "producer_text",
    "message": "message_text",
    "map": {
      "key1": "value1",
      "key2": 123,
      "key3": null

or this (by default):

MySQL Enterprise Audit

If you'd like to know more information about MySQL 8.0 Enterprise Audit or view a demonstration, please contact us and we'll schedule an appointment.