检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
Data Usage Audit Which Types of Abnormal Events Can Be Identified by DSC? How Do I Audit DSC Operation Records?
Operation Guide for Audit Administrators Viewing Operation Logs Message Notifications Parent Topic: API Data Security Protection
For details, see Viewing Audit Logs. Parent topic: Security
The OBS audit function has been enabled in the asset center. After OBS audit is enabled, you will be charged for reading and writing logs using the logging function of OBS. For details about the fees, see Requests. Sensitive data of OBS assets has been identified.
To automatically back up audit logs, perform the following operations: Click Setting in the audit log auto backup area. Set the backup location and backup period. Click Confirm. Click to enable automatic audit log backup.
Restoring Audit Logs and Configuration Data You can restore system audit logs and configuration data by uploading backup files on the System Management > Backup Restore page.
On the Retrieval page, view the audit log list. Figure 1 Audit log statistics (Optional) In the audit log list, click Details in a row to view details about the log. (Optional) To download audit logs to the local PC, click Export.
How Do I Audit DSC Operation Records? All operations performed on DSC are recorded as API calls in CTS. and you can view all the records on the CTS console for auditing. For details about how to view audit logs, see Viewing Audit Logs. Parent topic: Data Usage Audit
Parent topic: Data Usage Audit
After purchasing database audit, you can use the database audit function. Database audit records user access to databases in real time, generates fine-grained audit reports, and generates alarms for risky behaviors and attacks in real time.
administrator Used to audit, analyze, supervise, and view the operations performed by system administrators and security administrators.
Event Management DSC integrates with key security components, including Database Audit, and Cloud Bastion Host, enabling centralized event management and real-time event delivery to DSC. This allows users to promptly verify and handle events.
Configuring a Policy on the Alerts Page You can configure an audit and protection policies on the Alarms page based on the alert information. If a subsequent access behavior matches the policy, it will automatically take effect.
After enabling CTS, you can view all generated traces to review and audit performed DSC operations. For details, see Cloud Trace Service User Guide. Table 1 lists DSC operations recorded by CTS.
Select the Database audit policy type. Click Start configuring. The page for configuring the database audit policy type is displayed. Set the parameters by referring to Table 1.
Figure 1 Message notifications Parent Topic: Operation Guide for Audit Administrators
Parent Topic: Operation Guide for Audit Administrators
Configuring a Policy on the Retrieval Page You can configure an audit and protection policy according to the audit logs. If a subsequent access behavior matches the policy, it will automatically take effect.
Resetting a Password An instance has three default accounts: a system administrator (sysadmin), a security administrator (secadmin), and an audit administrator (audadmin). You can reset the password of any of the three accounts.
Creating an Account The system has created the following default accounts: sysadmin (system administrator), audadmin (audit administrator), and secadmin (security administrator).
