If you cannot find it, lets try this test:
-
In one terminal tab, start tcpdump and and leave it running:
tcpdump -i lo -s 0 -w trace.pcap "port 3306"
-
On another terminal tab, start the mysql prompt replacing root with a user you have for mysql:
mysql -h 127.0.0.1 -u root
-
On the mysql prompt to a simple select like:
select 1;
-
Stop tcpdump and check that the
trace.pcap
file was created.