检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
Database audit analyzes risks and sessions, and detects SQL injection attempts so you can stay apprised of your database status. Database audit provides a report template library to generate daily, weekly, or monthly audit reports according to your configurations.
Audit and Logs Audit Cloud Trace Service (CTS) CTS is a log audit service intended for cloud security. It records operations on the cloud resources in your account.
RDS for SQL Server Audit enables you to audit server-level and database-level groups of events and individual events. RDS for SQL Server audits consist of zero or more audit action items.
The RDS backup space stores automated backups, manual backups, and SQL audit logs. Automated full and incremental backups Automated backups cannot be manually deleted. You need to change the backup retention period by configuring a backup policy.
In addition, you are advised to use Database Security Service (DBSS) to obtain full audit logs. The audit logs contain DML audit content and can be stored for 180 days or longer.
Security Shared Responsibilities Identity Authentication and Access Control Data Protection Audit and Logs Risk Monitoring Fault Recovery Certificates
Review the data execution records in audit logs to check for potential misoperations. Restore data using backup files: Use the RDS restoration function. Import the backup data to RDS through an ECS. Parent Topic: Backup and Restoration
Cloud Trace Service (CTS) Records operations on cloud service resources for query, audit, and backtrack. Data Replication Service (DRS) Smoothly migrates databases to the cloud.
Key Operations Supported by CTS Cloud Trace Service (CTS) records operations related to RDS for SQL Server instances for further query, audit, and backtrack. This section lists only common key operations.
Log Management Viewing and Downloading System Logs Viewing and Downloading Audit Logs Viewing and Downloading Slow Query Logs
All regions Viewing and Downloading System Logs Viewing and Downloading Audit Logs Viewing and Downloading Slow Query Logs APIs RDS supports v3 APIs.
Audit log Total space occupied by audit logs. Temporary space Total space of the tempdb database. System database Total space of system database msdb. Top 20 Databases You can view details about the top 20 databases by physical file size, including file information.
Audit logs The maximum size of an audit log file is 50 MB. Up to 50 audit log files can be displayed. For more information, see Log Management. Naming Table 3 Naming Item Constraints Instance name 4 to 64 characters long Must start with a letter.
You can check the login and logout time of an account from audit logs. To view sessions, run the show processlist command in the database. Parent Topic: Database Usage
Viewing Tracing Events For details about how to view audit logs, see Querying Real-Time Traces. Parent Topic: Interconnection with CTS
log function rds:auditlog:operate N/A Obtaining an audit log list rds:auditlog:list N/A Querying the audit log policy rds:auditlog:list N/A Obtaining the link for downloading an audit log rds:auditlog:download N/A Obtaining a switchover log rds:log:list N/A Creating a database rds
Audit logs cannot be sent to the Kafka server. Table 2 Operation events Event Source Event Name Event ID Event Severity Description RDS Reset administrator password resetPassword Major The password of the database administrator is reset.
Logs whose names start with RDSAudit are audit logs. A GUID and timestamp are automatically added to an audit log name. For details, see Viewing and Downloading Audit Logs. Locate a log to be downloaded and click Download in the Operation column.
Example: select * from ::fn_trace_gettable('D:\SQLTrace\audit\SQLTrace.trc', default) The result is shown in Figure 2. Figure 2 Slow query log details Downloading a Log Click in the upper left corner and select a region.
