Monitoring Database

hi

i have installed PAM 3.5 on Suse linux. Right now we are trying to configure MariaDB inside PAM.

Following steps I have following activities.

1, Created Database connector with default proxy 13306
2. Created rule inside cmdctrl for DBMySQLMyaccess.

Changes made inside mariadb


[mysqld]
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
#skip-networking
bind-address = :: # All ip address will be listening



Output when we telnet pam 13306


R
5.5.52-MariaDBg2`m$fWág_'BXrV8Rri:mysql_native_password


PAM log

Tue Oct 09 17:14:53 2018, 933, 4187547392, 1897, Info, DB Audit - Accepted connection from 192.168.1.93 c0ce28
Tue Oct 09 17:14:53 2018, 948, 4187547392, 3139, Info, DB Audit - Connecting 192.168.1.93 to DB 192.168.1.155:3306
Tue Oct 09 17:14:54 2018, 137, 4188600064, 1897, Info, cmdctrl viewRequests_svc client:pam rc:0 status:0 (5ms)
Tue Oct 09 17:14:54 2018, 144, 4188600064, 1897, Info, cmdctrl viewRequests_svc client:pam rc:0 status:0 (3ms)
Tue Oct 09 17:14:54 2018, 190, 4188600064, 1897, Info, cmdctrl getEntriesSvc client:pam rc:0 status:0 (4ms)
Tue Oct 09 17:14:54 2018, 191, 4201232128, 1897, Error, Invalid authentication token signature
Tue Oct 09 17:14:54 2018, 195, 4201232128, 1897, Info, cmdctrl request denied for '<DBMySQLAccess>' from root@192.168.1.93
Tue Oct 09 17:14:54 2018, 196, 4201232128, 1897, Info, cmdctrl checkAuth client:pam rc:0 status:0 (24ms)
Tue Oct 09 17:14:54 2018, 201, 4200179456, 1897, Info, regclnt getSessionCache client:pam rc:0 status:0 (0ms)
Tue Oct 09 17:14:55 2018, 944, 4187547392, 1897, Info, dbaudit client:192.168.1.93 rc:0 status:0 (2011ms)

Please note In this Mariadb SSL option is disabled.

Please guys help me out how to login inside Mariadb through PAM proxy only to monitor user activities.
  • If this is MariaDB, then the cmdctrl rule's condition should reference Maria DB Access (<DBMariaDBAccess>*) instead of MySQL.
    Same should be relevant when configuring the proxy connection in the Hosts Console - i.e. the Database Connector. The Database Connector Type should also reference MariaDB.
  • If this is MariaDB, then the cmdctrl rule's condition should reference Maria DB Access (<DBMariaDBAccess>*) instead of MySQL.
    Same should be relevant when configuring the proxy connection in the Hosts Console - i.e. the Database Connector. The Database Connector Type should also reference MariaDB.
  • If this is MariaDB, then the cmdctrl rule's condition should reference Maria DB Access (<DBMariaDBAccess>*) instead of MySQL.
    Same should be relevant when configuring the proxy connection in the Hosts Console - i.e. the Database Connector. The Database Connector Type should also reference MariaDB.