MySQL General Log – How to Enable and Use

connectionslinuxlogMySQL

Is there away to have MySQL dump its log to a remote MySQL server?

I would like to audit MySQL connections but I don't want the server to store all the information local on its own hardware.

Best Answer

I have good news and bad news on this one.

GOOD NEWS

You could use the general log as a table you can query

Step 01) Add this to /etc/my.cnf

[mysqld] 
log
log-output=TABLE

Step 02) service mysql restart

OK mysqld is not recording every query in the table mysql.general_log. Problem: look at the initial layout of mysql.general_log:

mysql> show create table mysql.general_log\G 
*************************** 1. row *************************** 
       Table: general_log 
Create Table: CREATE TABLE `general_log` ( 
  `event_time` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP, 
  `user_host` mediumtext NOT NULL, 
  `thread_id` int(11) NOT NULL, 
  `server_id` int(10) unsigned NOT NULL, 
  `command_type` varchar(64) NOT NULL, 
  `argument` mediumtext NOT NULL 
) ENGINE=CSV DEFAULT CHARSET=utf8 COMMENT='General log' 
1 row in set (0.09 sec)

What good is a the general log as a CSV table

Step 03) Make mysql.general_log a MyISAM table and index it

 SET @old_log_state = @@global.general_log; 
 SET GLOBAL general_log = 'OFF'; 
 ALTER TABLE mysql.general_log ENGINE = MyISAM; 
 ALTER TABLE mysql.general_log ADD INDEX (event_time); 
 SET GLOBAL general_log = @old_log_state;

Now it looks like this:

mysql> show create table general_log\G
*************************** 1. row ***************************
       Table: general_log
Create Table: CREATE TABLE `general_log` (
  `event_time` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
  `user_host` mediumtext NOT NULL,
  `thread_id` int(11) NOT NULL,
  `server_id` int(10) unsigned NOT NULL,
  `command_type` varchar(64) NOT NULL,
  `argument` mediumtext NOT NULL,
  KEY `event_time` (`event_time`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 COMMENT='General log'
1 row in set (0.00 sec)

mysql>

THe user and host values are appended together in the user_host fields.

How do you rotate out the general log?

Here is an example of how to blank out mysql.general_log:

SET @old_log_state = @@global.general_log; 
SET GLOBAL general_log = 'OFF'; 
CREATE TABLE mysql.general_log_new LIKE mysql.general_log; 
DROP TABLE mysql.general_log; 
ALTER TABLE mysql.general_log_new RENAME mysql.general_log; 
SET GLOBAL general_log = @old_log_state;

Here is an example of how to keep the last 3 days of entries:

SET @old_log_state = @@global.general_log; 
SET GLOBAL general_log = 'OFF'; 
CREATE TABLE mysql.general_log_new LIKE mysql.general_log; 
INSERT INTO mysql.general_log_new 
SELECT * FROM mysql.general_log WHERE event_time > NOW() - INTERVAL 3 DAY; 
DROP TABLE mysql.general_log; 
ALTER TABLE mysql.general_log_new RENAME mysql.general_log; 
SET GLOBAL general_log = @old_log_state;

BAD NEWS

Anything you have collected in the text file version of the general log will not come for the ride. You can collect new entries going forward.

Related Solutions

MySQL – How to Enable General Log

The flags you need to activate the general log and the slow on in the MySQL Documentation

log (to activate the general log)
general log (to name the log file)
slow query log (to activate the slow log)
log output (specify either FILE or TABLE for where logging info is written)

I would recommend using log-output=TABLE

It will save the logging of general log and slow log info to MySQL tables

mysql.general_log
mysql.slow_log

You should convert them to MyISAM. That way, you can index the tables by the timestamp and perform SELECT queries from them.

By default, these files use the CSV storage engine.

mysql> show create table mysql.general_log\G
*************************** 1. row ***************************
       Table: general_log
Create Table: CREATE TABLE `general_log` (
  `event_time` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
  `user_host` mediumtext NOT NULL,
  `thread_id` int(11) NOT NULL,
  `server_id` int(10) unsigned NOT NULL,
  `command_type` varchar(64) NOT NULL,
  `argument` mediumtext NOT NULL
) ENGINE=CSV DEFAULT CHARSET=utf8 COMMENT='General log'
1 row in set (0.09 sec)

mysql> show create table mysql.slow_log\G
*************************** 1. row ***************************
       Table: slow_log
Create Table: CREATE TABLE `slow_log` (
  `start_time` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
  `user_host` mediumtext NOT NULL,
  `query_time` time NOT NULL,
  `lock_time` time NOT NULL,
  `rows_sent` int(11) NOT NULL,
  `rows_examined` int(11) NOT NULL,
  `db` varchar(512) NOT NULL,
  `last_insert_id` int(11) NOT NULL,
  `insert_id` int(11) NOT NULL,
  `server_id` int(10) unsigned NOT NULL,
  `sql_text` mediumtext NOT NULL
) ENGINE=CSV DEFAULT CHARSET=utf8 COMMENT='Slow log'
1 row in set (0.05 sec)

mysql>

Convert the general log and index it by event_time:

SET @old_log_state = @@global.general_log;
SET GLOBAL general_log = 'OFF';
ALTER TABLE mysql.general_log ENGINE = MyISAM;
ALTER TABLE mysql.general_log ADD INDEX (event_time);
SET GLOBAL general_log = @old_log_state;

Convert the slow log and index it by start_time:

SET @old_log_state = @@global.slow_query_log;
SET GLOBAL slow_query_log = 'OFF';
ALTER TABLE mysql.slow_log ENGINE = MyISAM;
ALTER TABLE mysql.slow_log ADD INDEX (start_time);
SET GLOBAL slow_query_log = @old_log_state;

Give it a Try !!!

Mysql – strategy for enabling a general query log on MySQL 5.0.95 with no restart

I do not think for v5.0.95 is it possible to enable general log without server restart, but as of MySQL 5.1.12, you can by executing this query, You can try this on v5.0.95 as well and see whether it works or not,

SET GLOBAL general_log = 'ON';

This method works on any platform and does not require a server restart.

Baron has written a script to enable and disable log without restart of server for v5.0 as mentioned below:

http://www.mysqlperformanceblog.com/2007/09/13/enablingdisabling-query-log-without-server-restart-in-mysql-50/