base/protocols/mysql/main.zeek

MySQL

Implements base functionality for MySQL analysis. Generates the mysql.log file.

Namespace

MySQL

Imports

base/protocols/conn/removal-hooks.zeek, base/protocols/mysql/consts.zeek

Summary

Types

MySQL::Info: record

Redefinitions

Log::ID: enum	mysql::LOG
connection: record	New Fields connection mysql: MySQL::Info &optional

Events

MySQL::log_mysql: event

Event that can be handled to access the MySQL record as it is sent on to the logging framework.

Hooks

MySQL::finalize_mysql: Conn::RemovalHook	MySQL finalization hook.
MySQL::log_policy: Log::PolicyHook

Detailed Interface

Types

MySQL::Info

Type

record

ts: time &log

Timestamp for when the event happened.

uid: string &log

Unique ID for the connection.

id: conn_id &log

The connection’s 4-tuple of endpoint addresses/ports.

cmd: string &log

The command that was issued

arg: string &log

The argument issued to the command

success: bool &log &optional

Did the server tell us that the command succeeded?

rows: count &log &optional

The number of affected rows, if any

response: string &log &optional

Server message, if any

Events

MySQL::log_mysql

Type

event (rec: MySQL::Info)

Event that can be handled to access the MySQL record as it is sent on to the logging framework.

Hooks

MySQL::finalize_mysql

Type

Conn::RemovalHook

MySQL finalization hook. Remaining MySQL info may get logged when it’s called.

MySQL::log_policy

Type

Log::PolicyHook