About me
Edit

From Chaos to Compliance A Smart Audit Logging Strategy for MariaDB

When working with production-grade systems, tracking changes to your data tables becomes crucial. In this post, we’ll walk through how to build a self-maintaining audit log system in MariaDB that captures every INSERT, UPDATE, and DELETE—complete with who did it, when, and what changed.

🎯 Goals of This System

  • Automatically log INSERT, UPDATE, and DELETE actions.

  • Record the table name, action type, primary key, and full row data.

  • Include the current user (optional, via a session variable @app_user).

  • Automatically detect and audit new tables.

  • Automatically remove tracking for deleted tables.

  • Use predictable trigger names (prefixed with audit_) for easy cleanup.

🏗 Step 1: Create the Audit Tables

audit_log

audit_trigger_tracker

🔄 Step 2: Auto-Generate Triggers for New Tables

🧼 Step 3: Clean Up Dropped Tables (Triggers + Tracker)

Cron

🧨 Nuking the Entire Audit Setup

To completely remove the audit system—including all triggers and supporting tables—use:

🤖 Automate With Cron

Create a bash script like this:

Then schedule it:

✅ Conclusion

You now have a fully autonomous audit logging system:

  • Self-healing on schema changes

  • Row-level forensic history

  • Optional user tracking with @app_user

  • Clean rollback mechanism

PreviousPost-Root Enlightenment: Why You Really Pwn Boxes — Thanks to IppSecNextSELinux: A Practical Guide for Real-World Linux Security

Last updated