The server was asked to apply JSON audit log filtering but the required audit_log_filter plugin is not installed or enabled.
ER_AUDIT_LOG_JSON_FILTERING_NOT_ENABLED occurs when MySQL tries to use JSON audit log filters but the audit_log_filter plugin is missing. Install and enable the plugin, then activate JSON filtering to fix the error.
ER_AUDIT_LOG_JSON_FILTERING_NOT_ENABLED
MySQL throws ER_AUDIT_LOG_JSON_FILTERING_NOT_ENABLED when the server receives a command that relies on JSON audit log filters, yet the audit_log_filter plugin has not been loaded. The message signals that filtering rules cannot be applied until the plugin is present.
The error is common after upgrading to MySQL 5.7.22+ or 8.x and enabling audit log filtering options such as audit_log_filter_id without first installing the plugin. It can surface at startup, during SET GLOBAL statements, or while calling audit_log_filter_set.
Without JSON filtering, audit logs may store excessive or sensitive data, increasing disk usage and compliance risk. Resolving the error restores fine-grained logging control and keeps security teams compliant.
The root cause is the absence or deactivation of the audit_log_filter plugin. MySQL core does not ship it as built-in; administrators must explicitly install it.
Install the plugin with INSTALL PLUGIN audit_log_filter SONAME 'audit_log_filter.so'; then verify it with SELECT * FROM information_schema.plugins WHERE plugin_name='audit_log_filter';. Finally, enable JSON filtering variables.
If the plugin file is missing from the plugin directory, copy audit_log_filter.so from the MySQL distribution. On Windows, use audit_log_filter.dll in the bin directory and run INSTALL PLUGIN accordingly.
Automate plugin installation in deployment scripts, confirm plugin status at startup, and use GALAXY's SQL snippets library to store the correct INSTALL statements for reuse.
ER_AUDIT_LOG_UDF_NOT_PRESENT appears when the audit_log_user variable is set but the user-defined functions are absent. Fix by installing audit_log_user.so. ER_AUDIT_PLUGIN_CANNOT_LOAD means the audit plugin file is unreadable; grant correct file permissions.
The audit_log_filter shared library is not present in the plugin directory, often after package-based upgrades.
my.cnf lacks plugin-load directives, so the server boots without the filter plugin.
Administrators removed the plugin with UNINSTALL PLUGIN but did not disable filtering options.
MySQL lacks read permissions on audit_log_filter.so, causing load failure and the error on first filter use.
Raised when a referenced filter ID does not exist in mysql.audit_log_filter table.
Indicates MySQL failed to load the audit plugin due to missing file or bad permissions.
Occurs when the generated JSON event exceeds the maximum size limit.
Yes. Each MySQL instance that uses JSON filtering must have the audit_log_filter plugin installed to avoid the error.
The overhead is minimal. Filtering may actually reduce I/O by writing fewer events.
Yes. INSTALL PLUGIN works on a running server and does not require restart, but updating my.cnf ensures persistence.
Galaxy allows you to store and share the INSTALL PLUGIN script, making it easy for teams to reproduce the correct configuration during deployments.
.avif)
.avif){kind=logo}
