Audit Logging Levels
On this page
Warning
As of the time of this publication, strict mode is available and licensed only as part of the SingleStore Enterprise edition.
There are 11 logging levels that can be specified by the auditlog_
variable in a node’s memsql.
-
Logging is disabled:
-
OFF
-
-
Log only valid statements and queries:
-
LOGINS-ONLY
-
ADMIN-ONLY
-
WRITES-ONLY
-
ALL-QUERIES
-
ALL-QUERIES-PLAINTEXT
-
ALL-RESULTS
-
-
Log valid and invalid statements and queries:
-
ADMIN-ONLY-INCLUDING-PARSE-FAILS
-
WRITES-ONLY-INCLUDING-PARSE-FAILS
-
ALL-QUERIES-INCLUDING-PARSE-FAILS
-
ALL-QUERIES-PLAINTEXT-INCLUDING-PARSE-FAILS
-
ALL-RESULTS-INCLUDING-PARSE-FAILS
-
A valid statement or query is one that can be successfully parsed by SingleStore.
Caution
User credentials and PII information contained in all valid statements and queries is obfuscated in audit logs.
Before selecting any level that specifies INCLUDING-PARSE-FAILS
, ensure that the log file location is secured appropriately and that extra precaution is taken when processing the logs.
If your cluster has strict mode enabled, the lowest logging level you can set is ADMIN-ONLY
or ADMIN-ONLY-INCLUDING-PARSE-FAILS
.
OFF
The OFF
level is the default setting and prevents any logs from being created.
If your cluster has strict mode enabled, this logging level cannot be set because audit logging must also be enabled.
LOGINS-ONLY
The LOGINS-ONLY
level logs the successful and failed login attempts into the database.LOGINS-ONLY
level does not include the PARSE-FAILS
option for logins, because this option is reserved for queries.LOGINS-ONLY
level is the lowest level of the audit log, i.
ADMIN-ONLY and ADMIN-ONLY-INCLUDING-PARSE-FAILS
The ADMIN-ONLY
level is inclusive of the LOGINS-ONLY
level logs, and it also logs statements that require administrator permissions, namely DDL operations such as CREATE
, DROP
, ALTER
, etc.SET PASSWORD
), the password’s value will be omitted from the log.
The ADMIN-ONLY-INCLUDING-PARSE-FAILS
level is inclusive of ADMIN-ONLY
but also logs invalid statements that fail to parse.
If your cluster has strict mode enabled, you must select either of these levels or a more verbose level.
WRITES-ONLY and WRITES-ONLY-INCLUDING-PARSE-FAILS
The WRITES-ONLY
level is inclusive of ADMIN-ONLY
but also logs DML operations such as INSERT
, DELETE
, UPDATE
, with one exception: SELECT
queries are not logged.
The WRITES-ONLY-INCLUDING-PARSE-FAILS
level is inclusive of WRITES-ONLY
but also logs invalid statements that fail to parse.
ALL-QUERIES and ALL-QUERIES-INCLUDING-PARSE-FAILS
The ALL-QUERIES
level is inclusive of WRITES-ONLY
but also logs read operations such as SELECT
statements.
The ALL-QUERIES-INCLUDING-PARSE-FAILS
level is inclusive of ALL-QUERIES
but also logs invalid statements that fail to parse.
ALL-QUERIES-PLAINTEXT and ALL-QUERIES-PLAINTEXT-INCLUDING-PARSE-FAILS
The ALL-QUERIES-PLAINTEXT
level is inclusive of ALL-QUERIES
but also logs the entire literal query, not just the parameterized version without literal strings and numbers.
The ALL-QUERIES-PLAINTEXT-INCLUDING-PARSE-FAILS
level is inclusive of ALL-QUERIES-PLAINTEXT
but also logs invalid statements that fail to parse.
ALL-RESULTS and ALL-RESULTS-INCLUDING-PARSE-FAILS
The ALL-RESULTS
level is inclusive of ALL-QUERIES-PLAINTEXT
but also logs the database’s responses.
When this level is selected, the entry ID for a query is shared with the results entries.
The ALL-RESULTS-INCLUDING-PARSE-FAILS
level is inclusive of ALL-RESULTS
but also logs invalid statements that fail to parse.
Last modified: November 18, 2024