检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
Configuring Audit Rules Adding Audit Scope Adding an SQL Injection Rule Managing SQL Injection Rules Adding Risky Operations Configuring Privacy Data Protection Rules SQL Whitelist
Database Audit Context Database audit is critical to the security of the database system.
Database Audit Context Database audit is critical to the security of the database system.
Database Audit Context Database audit is critical to the security of the database system.
Examples -- Create the adt1 policy. m_db=# CREATE AUDIT POLICY adt1 PRIVILEGES CREATE; CREATE AUDIT POLICY -- Delete the audit policy adt1. m_db=# DROP AUDIT POLICY adt1; DROP AUDIT POLICY -- When you delete the audit policy adt0 that does not exist, the system displays a message
ALTER AUDIT POLICY and DROP AUDIT POLICY Parent topic: C
Audit Using CTS Key Operations Supported by CTS Viewing Traces
Querying Audit Summary Information Function Querying Audit Summary Information URI GET /v2/{project_id}/audit/summary/info Table 1 Path Parameters Parameter Mandatory Type Description project_id Yes String Definition: Specifies the project ID.
Audit and Logging Audit Cloud Trace Service (CTS) records operations on the cloud resources in your account. You can use the logs generated by CTS to perform security analysis, track resource changes, audit compliance, and locate faults.
Table of Audit Logs This function enables direct SQL statement execution for viewing and analyzing audit logs, eliminating the need to manually collect and analyze FE audit log files to check service volume and types.
Managing Backup Audit Logs After backing up audit logs, you can view or delete backup audit logs. Prerequisites The database audit instance is in the Running state. For details about how to enable database audit, see Enable Database Audit.
Range ≥ 0 Table 5 AuditLogDetail Parameter Type Description id String Definition Audit log ID. Range N/A name String Definition Audit log file name. Range N/A size Long Definition Audit log size, in KB. Range N/A begin_time String Definition Start time of the audit log.
If the system data disk space is large enough, you can prolong the storage duration of system audit logs or even keep system audit logs for ever. For more details about system data backup, see How Can I Back Up CBH System Data? Parent topic: O&M Log Audit
Meeting Database Audit Compliance Requirements To meet compliance requirements, DBSS allows you to configure the retention period for audit logs, audit reports, and privacy audit logs Configuring Audit Log Retention Duration According to relevant audit laws and regulations, audit
Viewing DCS Audit Logs With CTS, you can query, audit, and review operations performed on cloud resources. Traces include the operation requests sent using the console or open APIs as well as the results of these requests.
Querying Audit Logs For details about how to view audit logs, see Querying Real-Time Traces. Parent topic: Key Operations Recorded by CTS
policy. openGauss=# CREATE AUDIT POLICY adt1 PRIVILEGES CREATE; -- Perform the SELECT operation on the database to create an audit policy. openGauss=# CREATE AUDIT POLICY adt2 ACCESS SELECT; -- Create an audit policy to audit only the CREATE operations performed on the adt_lb0
policy. openGauss=# CREATE AUDIT POLICY adt1 PRIVILEGES CREATE; -- Perform the SELECT operation on the database to create an audit policy. openGauss=# CREATE AUDIT POLICY adt2 ACCESS SELECT; -- Create an audit policy to audit only the CREATE operations performed on the adt_lb0
policy. gaussdb=# CREATE AUDIT POLICY adt1 PRIVILEGES CREATE; -- Perform the SELECT operation on the database to create an audit policy. gaussdb=# CREATE AUDIT POLICY adt2 ACCESS SELECT; -- Create an audit policy to audit only the CREATE operations performed on the adt_lb0 resource
policy. gaussdb=# CREATE AUDIT POLICY adt1 PRIVILEGES CREATE; -- Perform the SELECT operation on the database to create an audit policy. gaussdb=# CREATE AUDIT POLICY adt2 ACCESS SELECT; -- Create an audit policy to audit only the CREATE operations performed on the adt_lb0 resource
