terrymanu commented on issue #36030:
URL:
https://github.com/apache/shardingsphere/issues/36030#issuecomment-3503410578
Issue Analysis
Thank you for your interest in ShardingSphere-Proxy's auditing
capabilities. After careful consideration of this feature request, I need to
clarify our product positioning and explain why we cannot support this
functionality.
Product Positioning
ShardingSphere is designed as a lightweight distributed database
middleware focused on core functionalities such as data sharding, read-write
splitting, encryption, and shadow databases. We intentionally keep the codebase
streamlined to maintain performance and reduce complexity.
Alternative Solutions
Database auditing is a well-established domain with many mature solutions
available:
Network Layer Solutions
- TCP Dump: Capture network traffic at the protocol level
- ELK Stack: Elasticsearch + Logstash + Kibana for log aggregation
- Prometheus + Grafana: Modern monitoring and logging stack
Database Level Solutions
- MySQL Audit Plugin: Native MySQL auditing capabilities
- Binary Log Analysis: Parse MySQL binlogs for audit trails
- Triggers: Database-level audit logging
Proxy Layer Solutions
- Nginx/HAProxy: Load balancers with comprehensive logging
- Professional Database Proxies: Products specifically designed for
auditing
Application Layer Solutions
// Example: Custom logging in application code
@Component
public class AuditLogger {
private static final Logger logger =
LoggerFactory.getLogger(AuditLogger.class);
public void logSqlExecution(String clientIp, String username, String
sql) {
logger.info("Client: {}, User: {}, SQL: {}", clientIp, username,
sql);
}
}
Recommendation
For your use case, I recommend implementing one of the external solutions
mentioned above based on your specific requirements:
- For simple logging needs: Network packet capture or database plugins
- For enterprise compliance: Professional audit tools or SIEM systems
- For integrated monitoring: ELK Stack or similar solutions
Conclusion
While ShardingSphere provides the SQLAuditor SPI for custom
implementations, we believe that comprehensive auditing functionality belongs
in specialized tools rather than in a distributed database middleware core.
We appreciate your understanding and encourage you to explore the mature
ecosystem of database auditing solutions available in the market.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
