创建触发器以将数据添加到审计表中
问题描述:
假设我们在数据库中有50 tables,并且我们希望捕获每个表的列中的所有更改(列的前值和新值)。审计表会在那里,这将有列如下:创建触发器以将数据添加到审计表中
ID,Server_Name,User_Name,Date_Time,Table_Name,Column_Name,Old_Value,New_Value
会有一个审核表,将捕获的所有变化来自该数据库的表格。我相信我们可以为该数据库的每个表创建触发器。但请让我知道如何将所有数据添加到一个审计表。如果你能为我提供一个有用的例子。
感谢和问候, 帕塔
答
我可以为您提供了一种算法,在工作,大部分的基础工作已经完成:
这可能是你的审计表,应加时间戳列作为修改日期或更多信息根据您的要求:
CREATE TABLE audit (
old_data VARCHAR(100),
new_data VARCHAR(100),
tbl_name VARCHAR(100)
)
|
这可以用作参考触发器;注意,会有一个单独的触发器为每个表:
CREATE TRIGGER testtrigger BEFORE UPDATE ON <table_name>
FOR EACH ROW BEGIN
INSERT INTO audit(old_data, new_data, tbl_name) VALUES (OLD.first_name, NEW.first_name, "testtable");
END;
|
你可以为每列多INSERT语句之一。如果你想要把不插入未改变,你可以做在触发以下更改数据的限制:
IF(OLD.column_name <> NEW.column_name) THEN
--Your insert query here
ELSE
--NOOP
END IF;
让我们知道,如果需要更多的信息。
答
我花了几天的时间想出一个存储过程来自动/动态地创建MariaDB中的UPDATE/DELETE触发器(与v 10.1.9协同工作),审计更新和删除的所有更改。该解决方案使用INFORMATION_SCHEMA为每个表自动生成审计触发器。在更新时,只更改已更改的列进行审计,删除所有历史记录时保留在审计中。
在下面的示例中,我们创建了一个包含两个表tb_company和tb_auditdetail的测试数据库,它们将存放我们的审计日志。
-- Dynamic Automated Update/Delete Triggers in MariaDB
-- Leonard Tonna 19/05/2016 - www.ilabmalta.com
CREATE DATABASE db_ilabmalta_test;
USE db_ilabmalta_test;
CREATE TABLE tb_auditDetail(
audit_pk int(9) NOT NULL PRIMARY KEY AUTO_INCREMENT,
type varchar(1) NOT NULL,
tablename varchar(128) NULL,
pk varchar(128) NULL,
fieldname varchar(128) NULL,
oldvalue varchar(1000) NULL,
newvalue varchar(1000) NULL,
updatedate datetime NULL,
username varchar(128) NULL,
dbusername varchar(128) NULL,
machinename varchar(128) NULL);
CREATE TABLE tb_company(
cmp_pk int(9) NOT NULL PRIMARY KEY AUTO_INCREMENT,
cmp_name varchar(100) NOT NULL,
cmp_no varchar(16) NULL,
cmp_status smallint NOT NULL DEFAULT 1,
cmp_created datetime NOT NULL DEFAULT CURRENT_TIMESTAMP,
cmp_createdby varchar(10) NOT NULL,
cmp_updated datetime NULL,
cmp_updatedby varchar(10) NULL,
cmp_record_version int(9) NOT NULL DEFAULT 1) ;
-- We now create sp_maketrigger which is the stored procedure
-- which will give us our trigger scripts
DELIMITER $$
DROP PROCEDURE IF EXISTS sp_maketrigger;
CREATE PROCEDURE sp_maketrigger (IN s_tablename CHAR(30), OUT u_trigger_out VARCHAR(65500) CHARACTER SET ascii,OUT d_trigger_out VARCHAR(65500) CHARACTER SET ascii)
BEGIN
DECLARE s_fieldname VARCHAR(50);
DECLARE u_trigger VARCHAR(65500) CHARACTER SET ascii;
DECLARE d_trigger VARCHAR(65500) CHARACTER SET ascii;
DECLARE s_key VARCHAR(50);
DECLARE s_updatedby VARCHAR(50);
DECLARE s_updated VARCHAR(50);
DECLARE s_recversion VARCHAR(50);
DECLARE done INT DEFAULT 0;
DECLARE cursor_end CONDITION FOR SQLSTATE '02000';
DECLARE col_cursor CURSOR FOR SELECT COLUMN_NAME FROM test_prepare_vw;
DECLARE pri_cursor CURSOR FOR SELECT COLUMN_NAME FROM test_prepare_vw2;
DECLARE upd_cursor CURSOR FOR SELECT COLUMN_NAME FROM test_prepare_vw3;
DECLARE rec_cursor CURSOR FOR SELECT COLUMN_NAME FROM test_prepare_vw4;
DECLARE CONTINUE HANDLER FOR cursor_end SET done = 1;
DROP VIEW IF EXISTS test_prepare_vw;
DROP VIEW IF EXISTS test_prepare_vw2;
DROP VIEW IF EXISTS test_prepare_vw3;
DROP VIEW IF EXISTS test_prepare_vw4;
SET u_trigger = '';
SET u_trigger = CONCAT('DELIMITER $$ \nDROP TRIGGER IF EXISTS tra_',s_tablename,'_update;\n');
SET u_trigger = CONCAT(u_trigger,'CREATE TRIGGER tra_',s_tablename,'_update AFTER UPDATE ON ',s_tablename,' FOR EACH ROW \n');
SET u_trigger = CONCAT(u_trigger,'BEGIN \n');
SET u_trigger = CONCAT(u_trigger,'DECLARE msg VARCHAR(255); \n');
SET d_trigger = '';
SET d_trigger = CONCAT('DELIMITER $$ \nDROP TRIGGER IF EXISTS tra_',s_tablename,'_delete;\n');
SET d_trigger = CONCAT(d_trigger,'CREATE TRIGGER tra_',s_tablename,'_delete AFTER DELETE ON ',s_tablename,' FOR EACH ROW \n');
SET d_trigger = CONCAT(d_trigger,'BEGIN \n');
SET @query = CONCAT('CREATE VIEW test_prepare_vw2 as SELECT COLUMN_NAME FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name = \'', s_tablename, '\' AND table_schema = \'db_diers\' AND COLUMN_NAME NOT LIKE \'%updated%\' AND COLUMN_KEY = \'PRI\' ORDER BY ORDINAL_POSITION');
PREPARE stmt from @query;
EXECUTE stmt;
DEALLOCATE PREPARE stmt;
OPEN pri_cursor;
FETCH pri_cursor INTO s_key;
CLOSE pri_cursor;
DROP VIEW test_prepare_vw2;
SET @query = CONCAT('CREATE VIEW test_prepare_vw3 as SELECT COLUMN_NAME FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name = \'', s_tablename, '\' AND table_schema = \'db_diers\' AND COLUMN_NAME LIKE \'%updatedby%\' AND COLUMN_KEY <> \'PRI\' ORDER BY ORDINAL_POSITION');
PREPARE stmt from @query;
EXECUTE stmt;
DEALLOCATE PREPARE stmt;
OPEN upd_cursor;
FETCH upd_cursor INTO s_updatedby;
CLOSE upd_cursor;
DROP VIEW test_prepare_vw3;
SET s_updated = LEFT(s_updatedby,(LENGTH(RTRIM(s_updatedby)))-2);
SET @query = CONCAT('CREATE VIEW test_prepare_vw4 as SELECT COLUMN_NAME FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name = \'', s_tablename, '\' AND table_schema = \'db_diers\' AND COLUMN_NAME LIKE \'%record_version%\' AND COLUMN_KEY <> \'PRI\' ORDER BY ORDINAL_POSITION');
PREPARE stmt from @query;
EXECUTE stmt;
DEALLOCATE PREPARE stmt;
OPEN rec_cursor;
FETCH rec_cursor INTO s_recversion;
CLOSE rec_cursor;
DROP VIEW test_prepare_vw4;
SET @query = CONCAT('CREATE VIEW test_prepare_vw as SELECT COLUMN_NAME FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name = \'', s_tablename, '\' AND table_schema = \'db_diers\' AND COLUMN_KEY <> \'PRI\' ORDER BY ORDINAL_POSITION');
PREPARE stmt from @query;
EXECUTE stmt;
DEALLOCATE PREPARE stmt;
SET u_trigger = CONCAT(u_trigger,' IF (ISNULL(NEW.',s_recversion,') OR OLD.',s_recversion,' >= NEW.',s_recversion,' OR ISNULL(NEW.',s_updatedby,') OR NEW.',s_updatedby,' = \'\' OR ISNULL(NEW.',s_updated,') OR NEW.',s_updated,' = OLD.',s_updated,') THEN \n');
SET u_trigger = CONCAT(u_trigger,' set msg = \'Cannot update record without specifying updated/updatedby by columns and without incrementing the record version.\'; \n');
SET u_trigger = CONCAT(u_trigger,' SIGNAL SQLSTATE \'45000\' SET MESSAGE_TEXT = msg; \n');
SET u_trigger = CONCAT(u_trigger,' END IF; \n');
OPEN col_cursor;
FETCH col_cursor INTO s_fieldname;
WHILE done = 0 DO
SET u_trigger = CONCAT(u_trigger,' IF (IFNULL(OLD.',s_fieldname,',\'\') <> IFNULL(NEW.',s_fieldname,',\'\')) THEN\n');
SET u_trigger = CONCAT(u_trigger,' INSERT INTO tb_auditdetail (type, tablename, pk, fieldname, oldvalue, newvalue, updatedate, username, dbusername, machinename) \n');
SET u_trigger = CONCAT(u_trigger,' VALUES (\'U\', \'',s_tablename,'\', OLD.',s_key,', \'',s_fieldname,'\', OLD.',s_fieldname,', NEW.',s_fieldname,', CURRENT_TIMESTAMP,NEW.',s_updatedby,',CURRENT_USER(),@@hostname);\n');
SET u_trigger = CONCAT(u_trigger,' END IF;\n');
SET d_trigger = CONCAT(d_trigger,' INSERT INTO tb_auditdetail (type, tablename, pk, fieldname, oldvalue, newvalue, updatedate, username, dbusername, machinename) \n');
SET d_trigger = CONCAT(d_trigger,' VALUES (\'D\', \'',s_tablename,'\', OLD.',s_key,', \'',s_fieldname,'\', OLD.',s_fieldname,',NULL, CURRENT_TIMESTAMP,NULL,CURRENT_USER(),@@hostname);\n');
FETCH col_cursor INTO s_fieldname;
END WHILE;
CLOSE col_cursor;
DROP VIEW test_prepare_vw;
SET u_trigger = CONCAT(u_trigger,'END;$$ \nDELIMITER ; \n');
SET d_trigger = CONCAT(d_trigger,'END;$$ \nDELIMITER ; \n');
SELECT u_trigger INTO u_trigger_out;
SELECT d_trigger INTO d_trigger_out;
END; $$
DELIMITER ;
-- And finally, to extract the Trigger Scripts
call sp_maketrigger('tb_company',@s_line1,@d_line1);
SELECT CONCAT(@s_line1,@d_line1)
-- You just need to copy, paste and execute the trigger script, and
-- voila, your audit is in place.
上面的例子理所当然地与每个表中你有5列:创建,createdby,更新,updatedby,record_version。
但是,您可以以不同方式自定义存储过程sp_maketrigger以满足您的需求。 sp也受到增强和改进。
ya ..我需要更多关于这方面的信息...我也想存储列名和我如何获得tabel名称动态 – 2016-04-27 05:36:20
@AnishRai,当你定义表的触发器,你不会有列与你的细节。在插入审计时使用列名称。 – 2016-04-27 08:49:21
但..suppose采取一种情况下,我在审计表中存储操作意味着有一列操作并插入更新first_name如果用户在这种情况下更新名字,我怎么知道哪一列由用户更新 – 2016-04-27 08:55:21