Wednesday, July 15, 2015

Using MySQL Enterprise Monitor with the MySQL Enterprise Firewall

Using MySQL Enterprise Monitor with the MySQL Enterprise Firewall

Using MySQL Enterprise Monitor 3.0.22, the following newly added variables for the MySQL Enterprise Firewall are added : Ref :  http://dev.mysql.com/doc/relnotes/mysql-monitor/3.0/en/news-3-0-22.html
  • System Variables:
    • mysql_firewall_max_query_size
    • mysql_firewall_mode
    • mysql_firewall_trace
  • Status Variables:
    • Firewall_access_denied
    • Firewall_access_granted
    • Firewall_cached_entries
For information about MySQL Enterprise Firewall, you can refer to the information on Web  https://www.mysql.com/products/enterprise/firewall.html

You can find useful to be alerted if there are hacker getting into database.  By having MySQL Enterprise Monitor, creating Advisor / Graph will give you more insight the recent history about how many blocked access (Status Variables - Firewall_accessed_denied) were recorded.

This blog is created to give you the steps to create a custom graph showing the # of denied, granted and cached entries over time.

By creating a custom Graph within the Enterprise Monitor, you can see clearly how the MySQL Enterprise Firewall is working for your database sever.



 To define the custom graph,
  • Create the XML file (e.g. fwgraph.xml) as the following
<?xml version="1.0"?>
<com_mysql_merlin_server_graph_Design>
    <version>1.0</version>
    <uuid>76885e61-2b0f-11e5-b208-00059a3c7a00</uuid>
    <name>Firewall Statistics</name>
    <rangeLabel>Times</rangeLabel>
    <series>
        <label>Denied</label>
        <expression>denied</expression>
    </series>
    <series>
        <label>Granted</label>
        <expression>granted</expression>
    </series>
    <series>
        <label>Entries</label>
        <expression>entries</expression>
    </series>
    <variables>
        <name>denied</name>
        <dcItem>
            <nameSpace>mysql</nameSpace>
            <className>status</className>
            <attribName>firewall_access_denied</attribName>
        </dcItem>
        <instance>/</instance>
    </variables>
    <variables>
        <name>granted</name>
        <dcItem>
            <nameSpace>mysql</nameSpace>
            <className>status</className>
            <attribName>firewall_access_granted</attribName>
        </dcItem>
        <instance>/</instance>
    </variables>
    <variables>
        <name>entries</name>
        <dcItem>
            <nameSpace>mysql</nameSpace>
            <className>status</className>
            <attribName>firewall_cached_entries</attribName>
        </dcItem>
        <instance>/</instance>
    </variables>

</com_mysql_merlin_server_graph_Design>

  • Login to MySQL Enterprise Monitor
  • Click on the menu - Configuration -> Advisors


 
  • Click on the button (Import/Export)




  • Select the XML (fwgraph.xml) file by clicking the Browse Button and Click the "Import Custom Rule/Graph/Data Items"



  • Once you have successfully imported the file, you can find the "Firewall Statistics" under the Advisors -> Graphing.

 
  
  • Enable the Firewall Statistics, by clicking the down arrow and choose "Enable Advisor".
 You have choice to select the "schedule".   
Once you have this done, the Graph can be found on the Graph for the corresponding database.
Done!!!
















Posted by at No comments:
Subscribe to: Posts (Atom)