Skip to content

Commit c996386

Browse files
authored
Merge pull request #620 from percona/ps-10349-8.4
PS-10349 [DOCS] - audit log filter does not support filtering by inte…
2 parents 364a8bd + 74e9a5f commit c996386

File tree

3 files changed

+16
-0
lines changed

3 files changed

+16
-0
lines changed

docs/audit-log-filter-restrictions.md

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -24,3 +24,5 @@ The Audit Log Filter has the following general restrictions:
2424
As by default the content of the `mysql.audit_log_filter` and `mysql.audit_log_user` tables may be replicated from source to replica and may affect audit log rules created on the replica, it is recommended to configure replication in such a way that the changes in these tables are simply ignored.
2525

2626
Please notice that just changing the content of these tables (via replication channel) is not enough to automatically make changes to in-memory data structures in the `audit_log_filter` component that store information about active audit log filtering rules. However, this may happen after component reloading / server restart or manually calling `audit_log_filter_flush()`.
27+
28+
* Filter only on string values. The audit log filter does not filter on integer values. All filter criteria must be specified as strings, even when the underlying value is numeric. For example, `connection_id` values must be specified as strings (for example, `"123"` rather than `123`), and status values must be specified as `"0"` or `"1"` rather than `0` or `1`. If you use integer values in your filter definition, you will see the error: `ERROR: Incorrect rule definition.`

docs/filter-audit-log-filter-files.md

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -69,6 +69,9 @@ You can assign filters to a specific user account or disassociate a user account
6969
| status Filter | `0`: Successful operations |
7070
| | `1`: Failed operations |
7171

72+
!!! note "Filter definition"
73+
Status values must be specified as strings (for example, `"0"`, `"1"`). The audit log filter does not filter on integer values, only on string values. If you use integer values, you will see the error: `ERROR: Incorrect rule definition.`
74+
7275
### Examples
7376

7477
Create simple filters
@@ -176,3 +179,6 @@ mysql> SELECT audit_log_filter_set_filter('log_disconnect', '{
176179
| thread_id | Filters by specific MySQL thread identifiers | ["12345", "67890"] | Actions within a particular database thread |
177180
| query_time | Filters based on query execution duration | N/A | Long-running or quick queries |
178181

182+
!!! note "Filter definition"
183+
Status, thread ID, and connection ID values must be specified as strings (for example, `"0"`, `"1"`, `"12345"`). The audit log filter does not filter on integer values, only on string values. If you use integer values, you will see the error: `ERROR: Incorrect rule definition.`
184+

docs/write-filter-definitions.md

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -335,6 +335,9 @@ This example defines a filter that `excludes` (negate: true) all table access ev
335335
}
336336
```
337337

338+
!!! note "Filter definition"
339+
In the filter definitions shown in this example, status values are displayed as integers for readability, but they must be specified as strings in your actual filter definitions (for example, `"status": ["0"]` or `"status": ["1"]`). The audit log filter does not filter on integer values, only on string values. This applies to all numeric filter criteria, including `connection_id`, `thread_id`, and `status`. If you use integer values, you will see the error: `ERROR: Incorrect rule definition.`
340+
338341
This filter captures failed update/delete modifications by admin and developer users in the financial database and successful connections for the `external_service` user
339342

340343
## Best practices
@@ -401,7 +404,12 @@ SELECT audit_log_filter_set_filter('financial_tracking', '{
401404
]
402405
}
403406
}');
407+
```
404408

409+
!!! note "Filter definition"
410+
In the filter definition shown in this example, status values are displayed as integers (`[0, 1]`) for readability, but they must be specified as strings in your actual filter definitions (for example, `"status": ["0", "1"]`). The audit log filter does not filter on integer values, only on string values. This applies to all numeric filter criteria, including `connection_id`, `thread_id`, and `status`. If you use integer values, you will see the error: `ERROR: Incorrect rule definition.`
411+
412+
```sql
405413
-- Assign the filter to all users
406414
SELECT audit_log_filter_set_user('%', '%', 'financial_tracking');
407415
```

0 commit comments

Comments
 (0)