Creating a read-only database user account for MySQL

search cancel

book

calendar_today

Security Information Manager

Collectors that use a database sensor require that you create a read-only database user account so that the collector can query for events.

To create a read-only database user account for MySQL

At a UNIX prompt, run the MySQL command-line program, and log in as an administrator by typing the following command:
mysql -u root -p
Type the password for the root account.
At the mysql prompt, do one of the following steps:
- To give the user access to the database from any host, type the following command:
  grant select on database_name.* to 'read-only_user_name'@'%' identified by 'password';
- If the collector will be installed on the same host as the database, type the following command:
  grant select on database_name.* to 'read-only_user_name' identified by 'password';
  This command gives the user read-only access to the database from the local host only.
- If you know the host name or IP address of the host that the collector is will be installed on, type the following command:
  grant select on database_name.* to 'read-only_user_name'@'host_name or IP_address' identified by 'password';
  The host name must be resolvable by DNS or by the local hosts file.
At the mysql prompt, type the following command:
flush privileges;

Type quit.

The following is a list of example commands and confirmation messages:

mysql> grant select on dbname.* to 'readonlyuser'@'%' identified 

by 'pogo$23';

Query OK, 0 rows affected (0.11 sec)

mysql> flush privileges;

Query OK, 0 rows affected (0.00 sec)

mysql> quit

thumb_up Yes

thumb_down No