MySQL Audit Logging — How to Avoid Data Overload
In the last few months, our solution engineers have had many discussions with security and operation teams about how to implement MySQL auditing. In some cases, these teams have been asked to implement new database auditing in response to a security breach or to meet a regulatory requirement (PCI, HIPPA, GDPR or CCPA).
More often, however, these companies are switching audit strategies because their existing method has led to data overload. They typically start by monitoring everything, sometimes even using the general query log. They quickly learn that even with moderate database activity, the amount of generated data soon becomes overwhelming.
Below are a couple considerations for selecting your audit strategy.
- Review your schema and identify data that *must* be audited. It’s likely your company’s personal identifiable information (PII) …