Learn about Centmin Mod LEMP Stack today
Become a Member

Sysadmin Alert when dump is made

Discussion in 'System Administration' started by Jon Snow, Jul 10, 2017.

  1. Jon Snow

    Jon Snow Active Member

    Jun 30, 2017
    Local Time:
    10:48 AM
    Nginx 1.13.9
    MariaDB 10.1.31
    Is it possible somehow to get an alert (via email for example) whenever a database dump has been made? For example, if a hacker somehow gains access to my server and tries to back up my database without my consent, I'd like to receive an alert via email about it.

    Is something like that even possible?

    Or what would it look like in my access log so that I can often check?
    • Agree Agree x 1
  2. eva2000

    eva2000 Administrator Staff Member

    May 24, 2014
    Brisbane, Australia
    Local Time:
    12:48 AM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    for initial ssh login SSH Login Email Alerts Centmin Mod Style

    for general file or command tracking with tools/auditd.sh though setting up custom rule would be something for you to figure out as there's many ways to get the mysql database data via mysqldump command or directly accessing the mysql data files in /var/lib/mysql within SSH or even via hacked PHP web apps and backdoor/PHP shells which can allow hackers to install phpmyadmin/adminer to use a web gui to access mysql data. Beta Branch - tools/auditd.sh discussion thread for 123.09beta01
    • Like Like x 1