logging of BAD queries

I've used the general and slow query log in the past, but I am trying
to track down some queries from a compiled app that never seem to be
hitting the DB server.

My guess is that the SQL syntax is bad and never get executed, but I
don't see any related queries in the general query log. Does the
general log include invalid SQL?

I've also tried to use the driver logging, but on Windows it
overwrites with the last SQL command so I cannot get a good capture as
requests are sent to the DB.

DB is MySQL 5.0.x

Thanks
andy


--
MySQL General Mailing List
For list archives: http://lists.mysql.com/mysql
To unsubscribe: http://lists.mysql.com/mysql?unsub=gcdmg-mysql-2@m.gmane.org

Re: logging of BAD queries

At 09:27 AM 2/9/2010, andy knasinski wrote:
>I've used the general and slow query log in the past, but I am trying
>to track down some queries from a compiled app that never seem to be
>hitting the DB server.
>
>My guess is that the SQL syntax is bad and never get executed, but I
>don't see any related queries in the general query log. Does the
>general log include invalid SQL?

I don't think it does.


>I've also tried to use the driver logging, but on Windows it
>overwrites with the last SQL command so I cannot get a good capture as
>requests are sent to the DB.
>
>DB is MySQL 5.0.x


I do something like that in my compiled application. All SQL queries are
sent to a single procedures and executed there. I trap any errors and log
the SQL in a table along with the error message. This is useful to
determine if someone is trying to break into the database (sql injection).
Having a central procedure to execute all queries is paramount in
controlling and capturing errors. I can also unplug and plug in a different
database engine quite easily rather than hunting down all direct calls to
the database. I also don't have to worry about trapping errors throughout
the application. It's all done at one central point.

I've been doing it this way for 5 years and would never start a large
application without it.

Mike


--
MySQL General Mailing List
For list archives: http://lists.mysql.com/mysql
To unsubscribe: http://lists.mysql.com/mysql?unsub=gcdmg-mysql-2@m.gmane.org

Re: logging of BAD queries

Unfortunately, I'm using a commercial application and trying to debug
as to why some data does and does not get updated properly.

On Feb 9, 2010, at 2:57 PM, mos wrote:

>
> I do something like that in my compiled application. All SQL queries
> are sent to a single procedures and executed there. I trap any
> errors and log the SQL in a table along with the error message. This
> is useful to determine if someone is trying to break into the
> database (sql injection). Having a central procedure to execute all
> queries is paramount in controlling and capturing errors. I can also
> unplug and plug in a different database engine quite easily rather
> than hunting down all direct calls to the database. I also don't
> have to worry about trapping errors throughout the application. It's
> all done at one central point.
>
> I've been doing it this way for 5 years and would never start a
> large application without it.


--
MySQL General Mailing List
For list archives: http://lists.mysql.com/mysql
To unsubscribe: http://lists.mysql.com/mysql?unsub=gcdmg-mysql-2@m.gmane.org

Re: logging of BAD queries

I'm not positive if the general log captures all invalid queries but
it does capture at least some.
I was asked the same question a few months back and checking to make
sure that manually issued invalid queries are logged (IIRC).
Could it be that the queries are never even making it to the database?
Kyong

On Tue, Feb 9, 2010 at 2:05 PM, andy knasinski wrote:
> Unfortunately, I'm using a commercial application and trying to debug as =
to
> why some data does and does not get updated properly.
>
> On Feb 9, 2010, at 2:57 PM, mos wrote:
>
>>
>> I do something like that in my compiled application. All SQL queries are
>> sent to a single procedures and executed there. I trap any errors and lo=
g
>> the SQL in a table along with the error message. This is useful to deter=
mine
>> if someone is trying to break into the database (sql injection). Having =
a
>> central procedure to execute all queries is paramount in controlling and
>> capturing errors. I can also unplug and plug in a different database eng=
ine
>> quite easily rather than hunting down all direct calls to the database. =
I
>> also don't have to worry about trapping errors throughout the applicatio=
n.
>> It's all done at one central point.
>>
>> I've been doing it this way for 5 years and would never start a large
>> application without it.
>
>
> --
> MySQL General Mailing List
> For list archives: http://lists.mysql.com/mysql
> To unsubscribe: =A0 =A0http://lists.mysql.com/mysql?unsub=3Dkykimdba@gmai=
l.com
>
>

--
MySQL General Mailing List
For list archives: http://lists.mysql.com/mysql
To unsubscribe: http://lists.mysql.com/mysql?unsub=3Dgcdmg-mysql-2@m.gmane.o rg

Re: logging of BAD queries

Am 09.02.2010 16:27, schrieb andy knasinski:
> I've used the general and slow query log in the past, but I am trying to
> track down some queries from a compiled app that never seem to be
> hitting the DB server.
>
> My guess is that the SQL syntax is bad and never get executed, but I
> don't see any related queries in the general query log. Does the general
> log include invalid SQL?
>
> I've also tried to use the driver logging, but on Windows it overwrites
> with the last SQL command so I cannot get a good capture as requests are
> sent to the DB.
>
> DB is MySQL 5.0.x

you can try MySQL proxy

--
Sebastian Mendel


--
MySQL General Mailing List
For list archives: http://lists.mysql.com/mysql
To unsubscribe: http://lists.mysql.com/mysql?unsub=gcdmg-mysql-2@m.gmane.org

Re: logging of BAD queries

Andy,

On Tue, Feb 9, 2010 at 10:27 AM, andy knasinski wrote:
> I've used the general and slow query log in the past, but I am trying to
> track down some queries from a compiled app that never seem to be hitting
> the DB server.
>
> My guess is that the SQL syntax is bad and never get executed, but I don't
> see any related queries in the general query log. Does the general log
> include invalid SQL?

Yes, it does. If you're not able to debug the application itself, I
would sniff the TCP traffic. Use wireshark or mk-query-digest.

Baron

--
MySQL General Mailing List
For list archives: http://lists.mysql.com/mysql
To unsubscribe: http://lists.mysql.com/mysql?unsub=gcdmg-mysql-2@m.gmane.org