检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
Bit 9 Whether to audit the CREATE, DROP, and ALTER operations on resource pools.
Adding an Audit Database Agent Function Adding an Audit Database Agent URI POST /v3/{project_id}/audit/{instance_id}/agents Table 1 Path Parameters Parameter Mandatory Type Description project_id Yes String Definition: Project ID You can obtain the value by calling the IAM API for
Operation Audit audit_system_object Parameter description: Specifies whether to audit the CREATE, DROP, and ALTER operations on database objects. Database objects include databases, users, schemas, and tables.
For details about how to enable the cloud audit service, see Enabling CTS.
Querying Audit SQL Statements Function Querying Audit SQL Statements URI POST /v2/{project_id}/audit/{instance_id}/sqls Table 1 Path Parameters Parameter Mandatory Type Description project_id Yes String ** Parameter description**: Specifies the project ID.
SQL Audit Errors UGO.10100001 The SQL text file is too large UGO.10100002 Password encryption or decryption error UGO.10100005 The parameter is incorrect UGO.10100006 The audit task queue is full UGO.10100007 The number of rule templates has reached the limit UGO.10100008 Incorrect
Figure 1 RDS for PostgreSQL audit logs Table 1 Audit log field description Field Description AUDIT: Fixed prefix, which identifies an audit record. AUDIT_TYPE Audit type. The value can be SESSION, OBJECT, or CLIENT_AUTHENTICATION.
Downloading SQL Audit Logs If you enable SQL audit, all SQL operations will be logged, and you can download audit logs to view details. The minimum time unit of audit logs is second. By default, SQL audit is disabled. Enabling this function may affect database performance.
Querying Audit Alarm Information Function Querying Audit Alarm Information URI POST /v2/{project_id}/audit/{instance_id}/alarm-log Table 1 Path Parameters Parameter Mandatory Type Description project_id Yes String ** Parameter description**: Specifies the project ID.
Viewing RabbitMQ Audit Logs With Cloud Trace Service (CTS), you can record operations associated with DMS for RabbitMQ for later query, audit, and backtrack operations. Prerequisite CTS has been enabled.
Parent topic: Audit Instance
Querying Audit Logs AAD Operations Supported by CTS Viewing CTS Traces Parent Topic: Advanced Anti-DDoS User Guide
Deleting Audit Logs API Description This API is used to delete audit logs.
View the database audit instances information. For details about related parameters, see Table 1. Figure 1 Viewing database audit instances You can click the name of an instance to view its overview.
Viewing RocketMQ Audit Logs Cloud Trace Service (CTS) records DMS for RocketMQ operations. You can query, audit, and backtrack them later. Prerequisite CTS has been enabled.
(Optional) Checking Audit Logs Cloud Trace Service (CTS) records operations on CodeArts Req for query, audit, and backtrack.
Viewing Kafka Audit Logs With Cloud Trace Service (CTS), you can record operations associated with DMS for Kafka for later query, audit, and backtrack operations. Prerequisite CTS has been enabled.
Upgrading the Database Audit Instance Version This section describes how to upgrade your database instance version. Prerequisites The database audit instance is in the Running state. The database instance version is earlier than the latest version.
Downloading SQL Audit Logs Scenarios If you enable SQL audit, the system records all SQL operations and uploads logs every half an hour or when the size is accumulated to 100 MB. You can download audit logs to view details. The minimum time unit of audit logs is second.
Using CTS to Audit OBS Cloud Trace Service (CTS) records operations on cloud resources in your account. You can use the logs to perform security analysis, track resource changes, audit compliance, and locate faults.
