v.24.6New Feature
Introduced used_privileges and missing_privileges columns in system.query_log
Introduced two additional columns in thesystem.query_log:used_privilegesandmissing_privileges.used_privilegesis populated with the privileges that were checked during query execution, andmissing_privilegescontains required privileges that are missing. #64597 (Alexey Katsman).
Why it matters
This feature allows users to track which privileges were checked during query execution (used_privileges) and identify any required but missing privileges (missing_privileges). It improves security auditing and troubleshooting of permission-related issues.How to use it
Users can query thesystem.query_log table to view the new used_privileges and missing_privileges columns alongside other query information. No special configuration is required; these columns are populated automatically for each logged query.