Information
Audit logging is not really included in the Community Edition of MySQL - only the general log. Using the general log is possible, but not practical, because it grows quickly and has an adverse impact on server performance.
Nevertheless, enabling audit logging is an important consideration for a production environment, and third-party tools do exist to help with this. Enable audit logging for
Interactive user sessions
Application sessions (optional)
Rationale:
Audit logging helps to identify who changed what and when. The audit log might be used as evidence in investigations. It might also help to identify what an attacker was able to accomplish.
NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.
Solution
Acquire a third-party MySQL logging solution as available from a variety of sources including, but not necessarily limited to, the following:
The General Query Log
MySQL Enterprise Audit
MariaDB Audit Plugin for MySQL
McAfee MySQL Audit