检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
Audit Log Upload Policy Description Scenario On the RDS console, audit logs are normally uploaded to OBS and a log file is generated every half an hour or for every 100 MB.
audit logs will be reserved for some time when SQL audit is disabled. false: indicates that historical audit logs will be deleted immediately when SQL audit is disabled. audit_types No Array of strings This parameter applies only to RDS for MySQL.
Audit and Logs Audit Cloud Trace Service (CTS) CTS is a log audit service intended for cloud security. It records operations on the cloud resources in your account.
Keep the following points in mind before you enable audit logging or audit log reporting to LTS: Enabling audit logging or audit log reporting to LTS generates audit logs and the sensitive information in the audit logs is not anonymized.
Figure 1 Setting SQL audit To disable SQL audit, toggle off the Audit Logging switch, select the confirmation check box, and click OK. After SQL audit is disabled, all audit logs will be deleted immediately and cannot be recovered.
RDS for SQL Server Audit enables you to audit server-level and database-level groups of events and individual events. RDS for SQL Server audits consist of zero or more audit action items.
Figure 1 RDS for PostgreSQL audit logs Table 1 Audit log field description Field Description AUDIT: Fixed prefix, which identifies an audit record. AUDIT_TYPE Audit type. The value can be SESSION, OBJECT, or CLIENT_AUTHENTICATION.
Downloading SQL Audit Logs If you enable SQL audit, all SQL operations will be logged, and you can download audit logs to view details. The minimum time unit of audit logs is second. By default, SQL audit is disabled. Enabling this function may affect database performance.
Downloading SQL Audit Logs If you enable SQL audit, the system records all SQL operations and uploads logs every half an hour or when the size is accumulated to 100 MB. You can download audit logs to view details. The minimum time unit of audit logs is second.
Figure 2 Setting SQL audit In the displayed dialog box, toggle off the Audit Logging switch and select the check box "I acknowledge that after audit log is disabled, all audit logs are deleted." Deleted audit logs cannot be recovered.
Value range: N/A name String Explanation: Indicates the audit log file name. Value range: N/A size Long Explanation: Indicates the size in KB of the audit log. Value range: N/A begin_time String Explanation: Indicates the start time of the audit log.
Querying the Policy for SQL Audit Logs Function This API is used to query the policy for SQL audit logs. Before calling an API, you need to understand the API in Authentication.
Key Operations Supported by CTS Cloud Trace Service (CTS) records operations related to RDS for further query, audit, and backtrack.
Key Operations Supported by CTS Cloud Trace Service (CTS) records operations related to RDS for further query, audit, and backtrack.
Request Table 2 Parameter description Name Mandatory Type Description ids Yes Array of strings Specifies the list of audit logs. A maximum of 50 audit log IDs are allowed in the list. Example Request Obtain the links for downloading audit logs.
In the displayed dialog box, toggle on the audit log switch and set the number of days to retain audit logs. Figure 1 Setting SQL audit Configure parameters.
Viewing Tracing Events For details about how to view audit logs, see Querying Real-Time Traces. Parent Topic: Interconnection with CTS
Viewing Tracing Events For details about how to view audit logs, see Querying Real-Time Traces. Parent Topic: Interconnection with CTS
Viewing Tracing Events For details about how to view audit logs, see Querying Real-Time Traces. Parent Topic: Interconnection with CTS
View database login and logout time in SQL audit logs. For details about how to enable SQL audit, see Enabling SQL Audit. To view sessions, run the show processlist command in the database. Parent topic: Database Usage