检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
Database audit analyzes risks and sessions, and detects SQL injection attempts so you can stay apprised of your database status. Database audit provides a report template library to generate daily, weekly, or monthly audit reports according to your configurations.
Audit and Logs Audit Cloud Trace Service (CTS) CTS is a log audit service intended for cloud security. It records operations on the cloud resources in your account.
Check for misoperations: If SQL audit has been enabled, you can view data execution records in audit logs. Restore data using backup files: Use the RDS restoration function. Import the backup data to RDS through an ECS. Parent topic: Backup and Restoration
SQL audit logs You can change the retention period. Audit logs that have expired will be automatically deleted. For details, see Enabling SQL Audit. You can also disable SQL audit and select check box "I acknowledge that after audit log is disabled, all audit logs are deleted.".
Table 1 Common practices Practice Description Suggestions on using RDS for MariaDB Instance Usage Suggestions This practice provides suggestions on using RDS for MariaDB in terms of DB instances, database connection, reliability and availability, backup and restoration, SQL audit,
Downloading SQL Audit Logs If you enable SQL audit, all SQL operations will be logged, and you can download audit logs to view details. The minimum time unit of audit logs is second. By default, SQL audit is disabled. Enabling this function may affect database performance.
After you change the retention period of audit logs, expired audit logs will be deleted 1 hour later. After SQL audit is enabled, a large number of audit logs may be generated during peak hours.
View database login and logout time in SQL audit logs. For details about how to enable SQL audit, see Enabling SQL Audit. To view sessions, run the show processlist command in the database. Parent topic: Database Usage
Security Shared Responsibilities Identity Authentication and Access Control Data Protection Audit and Logs Resilience Risk Monitoring Fault Recovery Certificates
Monitoring and alarms Supported Supported Security group Supported Supported Backup and restoration Supported Supported Parameter settings Supported Supported SSL Supported Supported Log management Supported Supported Read replicas (which need to be created) Supported Supported SQL audit
Table 1 Parameter description Parameter Description Data Disk space for storing user data Binlogs Disk space for storing binlogs Slow query logs Disk space for storing slow logs Relay logs Disk space for storing relay logs Audit logs Disk space for storing audit logs Temporary space
Cloud Trace Service (CTS) Records operations on cloud service resources for query, audit, and backtrack. Data Replication Service (DRS) Smoothly migrates databases to the cloud.
Key Operations Supported by CTS Cloud Trace Service (CTS) records operations related to RDS for further query, audit, and backtrack.
Log Management Viewing and Downloading Error Logs Viewing and Downloading Slow Query Logs Enabling or Disabling SQL Audit Downloading SQL Audit Logs
SQL Audit records all SQL operations in log files for download and query. All regions Viewing and Downloading Error Logs Viewing and Downloading Slow Query Logs APIs RDS supports v3 APIs.
log function rds:auditlog:operate N/A Obtaining an audit log list rds:auditlog:list N/A Querying the audit log policy rds:auditlog:list N/A Obtaining the link for downloading an audit log rds:auditlog:download N/A Obtaining a switchover log rds:log:list N/A Creating a database rds
