Mysql data not seen in packetbeats

shaikmuzakkir · August 2, 2016, 11:05am

Thanks for the information. I see that the mysql version has it specified that it uses TLS. Looks like the latest versions of Mysql are having TLS enabled by default unlike the older versions. Do you know if it is possible to disable the TLS encryption on mysql 5.7.13?

steffens · August 2, 2016, 11:53am

see mysql cli options docs. While server provides TLS support, the client has to choose whether to use encryption (which is the case by default).

Also check require_secure_transport system variable.

Seems like TLS can not be disabled on server side, but client side only.

shaikmuzakkir · August 8, 2016, 5:48am

Hi Steffens,

I see that the variable require_secure_transport is set to OFF by default.

[root@ip-10-39-196-70 conf]# mysql -u pd_integration -p
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 9201
Server version: 5.7.13 MySQL Community Server (GPL)

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql>

steffens · August 8, 2016, 12:18pm

Unfortunately I haven't found an option in mysql server to disable SSL support. I only found this bug report.

So, it's up to the client to disable tls. For example use --skip-ssl when running CLI mysql client like:

$ mysql --skip-ssl --protocol=TCP  -u pd_integration -p

Starting mysql client like this, you should be able to monitor commands with packetbeat or tcpdump. E.g. try SELECT 1;.

If and how you can disable SSL depends on clients/libs in use.

system · August 16, 2016, 4:49am

This topic was automatically closed after 21 days. New replies are no longer allowed.