ifconfig -output is somewhat messy thing to look at. When I saw the nice output below with the command (source), the question emerged:
Is there some more structured way, let say
MySQL, to look at ifconfig or similar data?
It would be cool, if I could monitor the network traffic in databases.
[prompt]$ mysqladmin -h localhost -u root -p processlist
+----+------+-----------+----+---------+------+-------+------------------+
| Id | User | Host | db | Command | Time | State | Info |
+----+------+-----------+----+---------+------+-------+------------------+
| 15 | root | localhost | | Query | 0 | | show processlist |
+----+------+-----------+----+---------+------+-------+------------------+
MySQL GUI Tools and administrator tools allow you to monitor to some extent. if you want raw packets, you can either use Ethereal or Wireshark
Related
This is my current user account configuration:
+----------+------------+-------------------------------------------+
| User | Host | Password |
+----------+------------+-------------------------------------------+
| root | localhost | *CAB56DA385754BF21E94AC7D75E8B51EA0F468A8 |
| root | centos-gcp | |
| root | 127.0.0.1 | |
| root | ::1 | |
| | localhost | |
| | centos-gcp | |
+----------+------------+-------------------------------------------+
So far I only added a root password during installation.
From what I understand, each 'username'#'host' combination is treated as a different account.
Does that mean that I need to set a password for every root account?
Or does the first password apply to all other root accounts?
It seems that if I try to log in with 'root'#'centos-gcp' which resolves to 127.0.1.1 I still have to enter the main password (I'm somewhat confused by all these hostnames).
Without a password, you have a vulnerability that a hacker may discover.
If you have never needed to use root after installing, then either you have not yet needed to do some serious maintenance, or you have given your other users too much privilege, thereby opening up another class of vulnerability.
Your multiple root#... logins are different. They are distinguished by where 'root' is coming from within the system, and how the connection is being made (socket vs TCP with IPv4 vs IPv6), etc.
When I run the command show processlist; I get details of the connections made to the server. Here are the connection details of my MySQL server,
mysql> show processlist;
+------+-----------------+----------------------+-------------+---------+----------+------------------------+------------------+
| Id | User | Host | db | Command | Time | State | Info |
+------+-----------------+----------------------+-------------+---------+----------+------------------------+------------------+
| 1 | event_scheduler | localhost | NULL | Daemon | 13200075 | Waiting on empty queue | NULL |
| 4212 | root | localhost | NULL | Query | 0 | init | show processlist |
| 4214 | root | xxx.xx.xxx.xxx:50197 | testmysqldb | Sleep | 1 | | NULL |
| 4215 | root | xxx.xx.xxx.xxx:50198 | testmysqldb | Sleep | 3 | | NULL |
+------+-----------------+----------------------+-------------+---------+----------+------------------------+------------------+
What does the "number" after the term hostname and a colon (:) mean? It generally appears when a remote connection is made, on Linux and appears even for local connection on Windows.
Thanks in Advance!!
It's the client's port number used for the connection.
"xxx.xx.xxx.xxx:50197" means that there's an open connection from IP address "xxx.xx.xxx.xxx" and port 50197, towards your MySQL server (probably on port 3306.)
This is the client's TCP Port.
You connect to the server for example on default port 3306 but the client uses a different port on its side of the connection. This port is listed there.
It's client port number i.e. a connection gets open between two processes (on the same host or physically apart) using sockets - Socket is host_ip:port_num
So when we connect to a mysql (on same machine - localhost or remote server) a connection is opened i.e.
client_ip:xxxxx --> mysql_ip:3306 (3306 is default for Mysql, can use other port as well)
Example:
xxx.xx.xxx.xxx:50197
We send query and receive response from the mysql (mysql_ip:3306) at client_ip:50197
Was recently managing my MySQL (5.5.41) on Linux machine and decided to remove/merge MySQL initially created root users.
Quoting MySQL 5.5 documentation (also nice article here)
On Unix, each root account permits connections from the local host. Connections can be made by specifying the host name localhost, the IP address 127.0.0.1, the IPv6 address ::1, or the actual host name or IP address.
The user table is as follows
+-----------+------------------+-------------------------------------------+
| Host | User | Password |
+-----------+------------------+-------------------------------------------+
| localhost | root | *ABC... |
| lamp | root | |
| 127.0.0.1 | root | *ABC... |
| ::1 | root | |
| localhost | john | *EFG... |
| lamp | john | |
| 127.0.0.1 | john | *EFG... |
| ::1 | john | |
+-----------+------------------+-------------------------------------------+
It is also set to listen only to localhost bind-address = 127.0.0.1. The question is
What could be the possible downfalls of merging multiple root users to a single one and using % wildcard as Host ?
Some of the passwords are blank thus not required to login. If % is used and password is set some users (lamp, IPv6 ::1) would not be able to login. Should this be avoided?
What could be the best pracice - to create a new user basing on initial create (127.0.0.1, ::1, localhost) or to stick with the % wildcard?
First off, i'd suggest you avoid using % wildcard (if it's not strictly necessary). If your users connect to the database from the same host the mysql server is running on, my advice is to use 127.0.0.1
All best practices point out that no-password login should be disabled.
As for IPv6, there's no point in having that user if you're not using it.
I'd suggest you read this http://www.greensql.com/content/mysql-security-best-practices-hardening-mysql-tips
I want to see database details such as users that access this database or collation type in mysql, ssh terminal commands.
please help me.
thank you..
You can run mysql console client with --execute parameter for this purpose:
$ mysql -h {hostname} -u {user} -p{password} -e "SHOW PROCESSLIST"
This will produce output similar to the next one:
+----+---------+-----------------+---------+---------+------+-------+------------------+
| Id | User | Host | db | Command | Time | State | Info |
+----+---------+-----------------+---------+---------+------+-------+------------------+
| 1 | root | {hostname}:3786 | NULL | Query | 0 | NULL | SHOW PROCESSLIST |
+----+---------+-----------------+---------+---------+------+-------+------------------+
Can anyone tell me how can I kill all the sleeping processes?
I searched for it and I found that we can do it by command
mk-kill --match-command Sleep --kill --victims all --interval 10
I connected the DB server(Linux) but I find the message that command not found.
I tried to connect via MYSQL administrator and it doesn't say that command not found but also doesn't executes the query , just says you have an SQl error
login to Mysql as admin:
mysql -uroot -ppassword;
And than run command:
mysql> show processlist;
You will get something like below :
+----+-------------+--------------------+----------+---------+------+-------+------------------+
| Id | User | Host | db | Command | Time | State | Info |
+----+-------------+--------------------+----------+---------+------+-------+------------------+
| 49 | application | 192.168.44.1:51718 | XXXXXXXX | Sleep | 183 | | NULL ||
| 55 | application | 192.168.44.1:51769 | XXXXXXXX | Sleep | 148 | | NULL |
| 56 | application | 192.168.44.1:51770 | XXXXXXXX | Sleep | 148 | | NULL |
| 57 | application | 192.168.44.1:51771 | XXXXXXXX | Sleep | 148 | | NULL |
| 58 | application | 192.168.44.1:51968 | XXXXXXXX | Sleep | 11 | | NULL |
| 59 | root | localhost | NULL | Query | 0 | NULL | show processlist |
+----+-------------+--------------------+----------+---------+------+-------+------------------+
You will see complete details of different connections. Now you can kill the sleeping connection as below:
mysql> kill 55;
Query OK, 0 rows affected (0.00 sec)
kill $queryID; is helpful but if there is only one query causing an issue;
Having a lot of MySQL sleeping processes can cause a huge spike in your CPU load or IO
Here is a simple one-line command (if behind the MySQL server is linux) which would kill all of the current sleeping MySQL processes:
for i in `mysql -e "show processlist" | awk '/Sleep/ {print $1}'` ; do mysql -e "KILL $i;"; done
This is only a temporary repair; I strongly advise identifying and addressing the problem's main cause.
For instance, you may set the wait timeout variable to the amount of time you want MySQL to hold open connections before shutting them.
But if the issue still persists and you have to investigate the DB queries that cause the problem there is another way. In screen session, you can use another while cycle to continuously kill the sleeping queries. (while there is an output of the mysql show processlit | grep -i sleep | awk id column and kill it.) If you are using MySQL replication between different hosts this will help them to catch up. So when using show slave status\G; Seconds_behind_master will be going to catch up.
Of course, you should investigate the root cause again.