This document discusses using a honeypot technique to detect unauthorized access to a database. It presents an audit plugin called audit_tripwire that can be installed on a MySQL database. The plugin monitors for any non-administrator users accessing predefined "attractive" tables and logs a warning. It then prevents further commands on the database by that user until an administrator intervenes. The document provides example code of how the plugin works and instructions for compiling, installing, and testing it on a sample database.