I need to allow remote connections to my mysql server running on latest stable CentOS.
I don't like this idea at all so I want at least to collect as much relevant information as possible. To be exact, I need (want) following:
- [datetime] 1.2.3.4 connected
- [datetime] 3.4.5.6 wrong password
According to mysql manual, there's either logging everything (not acceptable performance overhead) or nothing that seems relevant to me (and what would help us trace attacker/irresponsible administrator).
I thought about grepping and erasing this log every N minutes, but this just doesn't seems right.