Debugging MySQL Applications With Wireshark

Want to be debug all the raw MySQL statements sent to your MySQL box?

Just use wireshark.

In fact… here’s the magical command you need to run:


apt-get install apt-get install tshark

… now the command line version of wireshark is installed.

Now you can just start dumping the SQL commands running against your sever:


tshark -i 1 -T text -V -f 'dst port 3306' |grep -i 'statement: ' | cut -b20-

This will then dump all the SQL running against your server. For example:

SELECT COUNT( * ) FROM FOO WHERE FOO.ID = 'k~OVOe8XfxM' 
SHOW COLLATION
SET autocommit=1
SHOW SLAVE STATUS /* lbpool */ 
SHOW PROCESSLIST /* lbpool */
SHOW SLAVE STATUS /* lbpool */ 
SHOW PROCESSLIST /* lbpool */
SELECT COUNT( * ) FROM FOO WHERE FOO.ID = 'dpm516E79n0' 
SELECT COUNT( * ) FROM FOO WHERE FOO.ID = 'W0-QSDKKwUI' 
SELECT COUNT( * ) FROM FOO WHERE FOO.ID = '~YSnu6cW5~Y' 

One downsize is that if you’re using a long INSERT the result will be truncated. I’m not sure how to fix this problem yet…


  1. a

    lol! This is a great idea! I used to enable –log of mysqld to get all the commands going to the server but that used to slow things down such a lot! This is a much simpler and clever thing to do during debugging! Why didn’t I think of this?

  2. You know if the sql is sent across as strings you might be better off with tcpflow and strings.

  3. Obviously you can also use the MySQL Proxy for this. Interestingly with PHP 5.3 and mysqlnd you will also eventually be able to use a custom stream wrapper to examine what is send from the client to the mysql server.






%d bloggers like this: