tshark, a terminal based version of wireshark, will dump MySQL statements which it captures on port 3306 to the terminal.
install the required package for tshark
apt install wireshark
As root, run the following command on your database server to capture all SQL
statements that are being passed to it from MySQL clients on internet eth0.
tshark -i eth0 -aduration:120 -d tcp.port==3306,mysql -T fields -e mysql.query 'port 3306'