Overview
Setting up
- Account setup
- Starting Log360 Cloud
- Supported log sources
- Adding Syslog devices
- Subscription
- Prerequisites
- Service Level Agreement (SLA)
- Amazon Web Services (AWS)
- Microsoft 365 Auto Configuration
- Microsoft 365 Manual Configuration
Dashboard
Reports
- Available Reports
- Manage Predefined Reports
- Manage Report Views
- Custom Reports
- Types of Report Views
- Report Exporting
- Schedule exports
- Other report options
- LDAP events
- Advanced Active Directory reports
  - User Work Hours
  - Account lockout analyzer
Compliance Reports
Search
- Search
- Search tool
- Save searches
- Share searches
- Export searches
- Add or remove fields from the search results
- Tagging tool
Cloud correlation
- Understanding correlation
- Generating correlation reports
- Managing correlation rules
UEBA
- Overview
- Anomaly rules of UEBA
  - List of anomaly rules
  - Working with anomaly rules - view, manage and customize rules
- Investigating anomalies
Zia Insights
- Overview
- Using Zia Insights
- Setting up Zia Insights
- Invoking Zia Insights
Alerts
- Creating alert profiles
- View log alerts
- Ticketing tool configuration
- Manage profiles
Threat investigation
- Incident Workbench
- Device summary
Incident management
- Incident management
Configuration settings
- Devices
- Applications
- Manage Cloud Sources
- Vulnerability data
- vCenter
- Threat management solutions
  - Threat Source
- File Monitoring
- Import log data
Admin settings
- Manage Agents
- Agent Settings
- Log Source Groups
- User management
- Accounts Management
- Configuring object level auditing
- Configuring audit policies
- Configuring Windows member server audit policies
- Technician audit
- Advanced Threat Analytics
- Bulk actions for Agents
- Privacy settings
- Notification settings
- Notification Templates
- Working Hour Settings
- Reload Archive Logs
- My account settings
- Product settings
- Log Collection Filter
- Custom log parsing
- License
- Storage Tiers
  - Overview
  - Configuring Storage Tiers
  - Managing Storage Tiers
  - Using Stats Analysis
- Cloud Storage Estimator
- Listener ports
- Log forwarding
Developer space
- Custom Widgets
- Extension Profile Generation
- Extension Builder
Marketplace
- Installing Extensions
- Compliance Extensions
- Nginx
- Veeam
- MariaDB
- Okta
- Dropbox
- MikroTik
- MongoDB
- Topsec
- Sangfor
Ticketing tool integration
- Zendesk
Cloud protection
- Cloud Protection in Log360 Cloud
- Gateway Cluster
- Gateway Server
- Prerequisites for Gateway Server configuration
- Installing Gateway Server
- Endpoint Configuration
- Certificate Authority Configuration
- Manage Certificate Trust Store
- Two-way SSL Support
- Manage Banned Applications
- Manage Sanctioned Applications
- Gateway Server Failover
- Application Insight
- User Access Insight
- Cloud Access Reports
- CASB application reports
- Shadow Cloud Application Reports
- Reports on Banned Cloud Applications
- File Upload Reports
- Threat Analytics in Cloud Protection
- Regenerate Access Key
- Troubleshooting gateway server errors
API Support
Teams
- Overview
- Managing Teams
MSSP Edition
- Introduction
- MSSP Account Setup
- Dashboard
- Manage Customers
- Evaluation Customers
- Customer Portal
- Portal User Management
- Customer Portal MFA
- Centralized Technician audit
- My Account Settings
- Technician Management
- License
Troubleshooting
- Overview
- WMI-based errors
Encryption at Rest (EAR)
Contact us

Related Products
Log360

Comprehensive SIEM and UEBA
Download | Demo
AD360

Integrated Identity & Access Management
Download | Demo
ADManager Plus

Active Directory Management & Reporting
Download | Demo
ADAudit Plus

Real-time Active Directory Auditing and UBA
Download | Demo
ADSelfService Plus

Self-Service Password Management
Download | Demo
EventLog Analyzer

Real-time Log Analysis & Reporting
Download | Demo
Exchange Reporter Plus

Exchange Server Auditing & Reporting
Download | Demo

MariaDB overview

MariaDB is an open-source, relational database management system (RDBMS). It supports advanced clustering, high availability, and powerful storage engines for enterprise applications. MariaDB is widely used for web applications, cloud services, and large-scale data processing.

MariaDB extension scope

The MariaDB extension for Log360Cloud enables integration of MariaDB logs into the Log360 Cloud ecosystem. This extension provides features such as log collection, parsing, reporting, alerting, correlation, and advanced log search capabilities.

Configuring MariaDB auditing

MariaDB auditing can be configured using two methods:

Configuring variables in a file
Configuring variables in the CLI

Configuring variables in a file

Open the MariaDB configuration file:
- For Windows:C:\Program Files\MariaDB 11.5\data\my.ini
- For Linux:/etc/my.cnf or /etc/mysql/my.cnf

Add the following lines to enable auditing:

Copy to Clipboard

plugin_load_add = server_audit server_audit=FORCE_PLUS_PERMANENT server_audit_logging = ON server_audit_file_path = C:/Program Files/MariaDb 11.5/data/server_audit.log server_audit_events = CONNECT,QUERY,QUERY_DDL,QUERY_DML,QUERY_DCL

Configuring Variables in the CLI

Connect to MariaDB CLI
Open MySQL Client or execute:

Copy to Clipboard

mysql -u [username] -p [password]
Install the audit plugin:

Copy to Clipboard

INSTALL SONAME 'server_audit';
To see a list of audit plugin-related variables on the server and their values, execute the follow while connected to the server:

Copy to Clipboard

SHOW GLOBAL VARIABLES LIKE 'server_audit%';
To have the audit plugin log more than one type of event, put them in a comma-separated list and execute the below command:
Copy to Clipboard
```
SET GLOBAL server_audit_events = 'CONNECT,QUERY,QUERY_DDL,QUERY_DML,QUERY_DCL';
```

Audited events

Here are the types of audited events captured from MariaDB in Log360 Cloud:

Category	Events
DDL auditing	Database created, Database dropped, Tables created, Tables dropped, Tables altered, Procedures created, Procedures dropped, Procedures altered, Index created, Index dropped, Triggers created, Triggers dropped, Views created, Views dropped, Views altered, Function created, Function dropped, Function altered
DML auditing	Select queries, Insert queries, Update queries, Delete queries, Truncate queries
Execution analysis	Failed queries
Auditing account management	Role created, Role dropped, Role updated, Grant operations, Revoke operations, Password changed, User created, User dropped, User updated, Failed account management queries
Logon events	User logon, Failed user logon, User logoff, Logon/logoff trends
Server events	Startup, Shutdown
Administrative statements	SET and SHOW statements, Transaction and Locking statements, Utility statements, Replication statements, Table maintenance statements, Plugin statements

Configuring in Log360 Cloud

After installing the MariaDB extension in Log360 Cloud, configure the scheduled import for the server_audit.log file from the MariaDB Server file path. Ensure that the correct file path is used during configuration.

Navigate to Settings → Configuration Settings → Log Source Configuration → Import Logs → From Device

Note: Refer to the Import Logs document for the step-by-step procedure.

Viewing MariaDB reports

To view MariaDB reports, navigate to the Reports tab and select MariaDB from the Custom Reports sub-tab.

MariaDB

Enable MariaDB correlation rules

To view the correlation rules, navigate to the Correlation tab -> Manage Rules.

In the Manage Rules page, select MariaDB as the Rule Category to filter out the related correlation rules. You can enable them manually by selecting the rule and clicking on Activate in the Rule Status column.

MariaDB

Enabling MariaDB Alerts

To view the Alerts, navigate to the Alerts tab -> Manage Alert Profiles.

In the Manage Alert Profiles page, select Custom Alert Profiles as the Alert Profile Type. Click the search icon and add MariaDB to filter out the alert profile(s). Select the profile(s) and click the green check mark icon to enable the alert profile.

MariaDB

To associate the log source, click the edit icon to open the Edit Alert Profile window. In the Log Source field, click the add button and select the configured log source for MariaDB. Click Update to save the changes.

MariaDB