检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
Upgrading the Database Audit Instance Version This section describes how to upgrade your database instance version. Prerequisites The database audit instance is in the Running state. The database instance version is earlier than the latest version.
Downloading SQL Audit Logs If you enable SQL audit, the system records all SQL operations and uploads logs every half an hour or when the size is accumulated to 100 MB. You can download audit logs to view details. The minimum time unit of audit logs is second.
Deleting Audit Logs API Description This API is used to delete audit logs.
Querying Audit Logs of GaussDB Instances on CTS With CTS, you can record operations associated with GaussDB for future query, audit, and backtracking.
Using CTS to Audit OBS Cloud Trace Service (CTS) records operations on cloud resources in your account. You can use the logs to perform security analysis, track resource changes, audit compliance, and locate faults.
Viewing Audit Logs For details, see Querying Real-Time Traces (for New Console). Parent topic: Cloud Trace Service
name String Audit scope name action String Actions in the audit scope status String Audit scope rule status exception_ips String Exception IP address of the audit scope source_ips String Source IP address of the audit scope rule source_ports String Port of the audit scope rule db_ids
If you enable Upload Audit Logs to LTS, GaussDB audit logs will be uploaded to LTS and you can search for logs, monitor logs, download logs, and view real-time logs. Enabling Upload Audit Logs to LTS: Enable log upload configurations for a single instance.
To audit access to GaussDB(DWS) data sources, ensure that the following conditions are met: The audit function has been enabled for GaussDB(DWS) clusters. The audit function is enabled by default.
Figure 1 RDS for PostgreSQL audit logs Table 1 Audit log field description Field Description AUDIT: Fixed prefix, which identifies an audit record. AUDIT_TYPE Audit type. The value can be SESSION, OBJECT, or CLIENT_AUTHENTICATION.
Querying Audit Logs Anti-DDoS Operations That Can Be Recorded by CTS Viewing Logs on CTS Parent Topic: CNAD Basic (Anti-DDoS) User Guide
Querying Audit Logs CNAD Advanced Operations That Can Be Recorded by CTS Viewing CTS Traces Parent Topic: CNAD Advanced (CNAD) Operation Guide
Statement Audit Database Audit Rules
Downloading SQL Audit Logs If you enable SQL audit, all SQL operations will be logged, and you can download audit logs to view details. The minimum time unit of audit logs is second. By default, SQL audit is disabled. Enabling this function may affect database performance.
SQL Audit SQL audit helps users detect SQL standardization, design rationality, and performance issues hidden in code at the development phase. More than 300 audit rules are preset for various SQL statements such as DML, DDL, and PL/SQL.
Configuring Database Audit Instance Rules You can configure audit rules to detect database risks. To get notified of risks, you also need to Configuring Alarm Notifications.
Audit Log Upload Policy Description Scenario On the RDS console, audit logs are normally uploaded to OBS and a log file is generated every half an hour or for every 100 MB.
Audit Log Upload Policy Description Scenario On the RDS console, audit logs are normally uploaded to OBS and a log file is generated every half an hour or for every 100 MB.
Container Audit Container Audit Overview Viewing Container Audit Logs Parent Topic: Security Operations
In the navigation pane on the left, choose Audit Logs. On the Audit Logs page, locate a target log file and click Delete in the Operation column. Click Yes. Parent topic: Audit Logs
