© 2018 Percona. 1 Peter Zaitsev Analyzing MySQL Logs with ClickHouse CEO, Percona April 27,2018 © 2018 Percona. 2 ClickHouse is my love at the first sight © 2018 Percona. 3 Why ? Fast and 5 Why Keep and Analyze Raw Logs ? Raw Logs Contain ultimate level of detail You build any summaries from Raw Events You can’t recover Raw Events from Summaries Audit Trace Application/User Path Path © 2018 Percona. 6 Why Not ? Generating Full Query Logs can be Expensive Logs can Consume a lot of Space Logs can be expensive to query © 2018 Percona. 7 Clickhouse Answers • 10x+

PRESENTS Vitess security audit In collaboration with the Vitess maintainers, Open Source Technology Improvement Fund and The Linux Foundation Authors Adam Korczynski David Korczynski Commons 4.0 (CC BY 4.0) Vitess Security Audit, 2023 Table of contents Table of contents 1 Executive summary 2 Notable findings 3 Project Summary 4 Audit Scope 4 Threat model formalisation 5 Fuzzing Conclusions 40 1 Vitess Security Audit, 2023 Executive summary In March and April 2023, Ada Logics carried out a security audit of Vitess. The primary focus of the audit was a new component of Vitess,

TiDB Audit Plugin User Guide August 4, 2022 TiDB Audit Plugin User Guide Introduction The TiDB audit plugin records the TiDB server’s activities that are expected to follow auditing regulations of describes how to compile, package, and use the audit plugin. Download the plugin You can download the plugin on TiDB Enterprise Edition Downloads. Deploy the audit plugin After downloading the plugin, you TiUP to deploy the audit plugin. Use TiDB Operator to deploy the plugin Configure TidbCluster CR. tidb: additionalContainers: - command: - sh - -c - touch /var/log/tidb/tidb-audit.log; tail -n0 -F

out by Cure53 in summer 2020, the project entailed comprehensive penetration test and source code audit of the Dapr scope. In terms of resources, the project was assigned to four members of the Cure53 work packages (WPs) were outlined. In WP1, Cure53 performed both a broad and thorough source code audit of the latest version of Dapr. The focus was explicitly placed on the Dapr main repository and the Berlin cure53.de · mario@cure53.de very helpful and productive, assisting the test and audit in moving forward swiftly. Given good choices and practices regarding methodology, setup and communications

previous code audit (Low) DAP-02-013 WP2: Access policy bypass due to missing URL normalization (High) Miscellaneous Issues DAP-02-002 WP3: Status of miscellaneous issues from previous audit (Low) Conclusions cooperation between Cure53 and Dapr, reporting on the findings of a penetration test and source code audit against the Dapr software. In addition to shedding light on the state of security on some new features mistakes. In effect, three work packages (WPs) were delineated: • WP1: Thorough source code audit of the latest Dapr version • WP2: Penetration tests targeting the Dapr integration and setup • WP3:

PRESENTS Dapr Fuzzing Audit In collaboration with the Dapr project maintainers and The Linux Foundation Authors Adam Korczynski David Korczynski Date: 30th Creative Commons 4.0 (CC BY 4.0) CNCF security and fuzzing audits This report details a fuzzing audit commissioned by the CNCF and the engagement is part of the broader efforts carried out by CNCF in this engagement, Dapr was doing no fuzzing for any of its sub projects, and the goal of this fuzzing audit was to build the fundamental infrastructure and improve the fuzzing efforts in a continuous manner

PRESENTS Dapr security audit In collaboration with the Dapr maintainers, Open Source Technology Improvement Fund and The Linux Foundation Authors Adam Korczynski David Korczynski under Creative Commons 4.0 (CC BY 4.0) Dapr security audit 2023 Table of contents Table of contents 1 Executive summary 2 Project Summary 3 Audit Scope 4 Threat model 5 Fuzzing 15 Issues found 17 1 Dapr security audit 2023 Executive summary In May and June 2023, Ada Logics carried out a security audit for the Dapr project. The high-level goal was to complete a holistic audit drawing on several

PRESENTS Istio Security Audit In collaboration with the Istio projects maintainers and The Open Source Technology Improvement Fund, Inc (OSTIF). ostif.org Authors Adam Korczynski International (CC BY 4.0) Istio Security Audit, 2023 Table of contents Table of contents 1 Executive summary 2 Notable findings 3 Project summary 4 Audit scope 6 Overall assessment 7 Fuzzing 9 previous audit 50 Istio SLSA compliance 52 1 Istio Security Audit, 2023 Executive summary In September and October 2022 Ada Logics carried out a security audit of the Istio project. The audit was sponsored

database auditing and the audit plugin 1 Obtain the database auditing feature 2 The range of database auditing 2 The events of database auditing 3 Recorded information in audit logs 5 General information 6 Audit operation information 7 Audit log filters and rules 7 Filters 8 Filter rules 9 File formats of audit log 10 Rotation of audit log 11 The number and duration for reserving audit logs 11 Audit log redaction 11 System tables 11 mysql.audit_log_filters 11 mysql.audit_log_filter_rules 12 System variables 13 tidb_audit_enabled 13 tidb_audit_log 14 tidb_audit_log_format 14 tidb_au

秒(30s)，以便收集器回收连接 并重新尝试在合理的时间内发送失败消息。(LOG-2534) 在此次更新之前，网关组件强制租期中的错误，用于读取带有 Kubernetes 命名空间的日志的有限 访问会导致 "audit" 以及一些 "infrastructure" 日志不可读取。在这个版本中，代理可以正确地检 测到具有 admin 访问权限的用户，并允许在没有命名空间的情况下访问日志。(LOG-2448) 在 annotations: logging.openshift.io/preview-vector-collector: enabled spec: collection: logs: type: "vector" vector: {} OpenShift Container Platform 4.8 日志 日志记录 记录 16 e. 选择 Enable 节点上运行的基础架构组件生成的日 志，如 journal 日志。基础架构组件是在 openshift*、kube* 或 default 项目中运行的 pod。 audit - 由 auditd 生成的日志，节点审计系统存储在 /var/log/audit/audit.log 文件中，以及 Kubernetes apiserver 和 OpenShift apiserver 的审计日志。 注意 注意 由于内部