Encrypting Binary Logs
MariaDB Enterprise Server and MariaDB Community Server supports data-at-rest encryption, which secures data on the file system. The server and storage engines encrypt data before writes and decrypts during reads, ensuring that the data is only unencrypted when accessed directly through the server.
Binary logs support the following data-at-rest encryption features:
All binary logs can be automatically encrypted.
All relay logs can be automatically encrypted.
Temporary on-disk binary log caches can be automatically encrypted.
Additional information is available on the MariaDB Knowledge Base.