检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
This section describes how to enable the database audit function and check audit results. To audit a database, export the database configurations and install the agent on the nodes of the Cloud Container Engine (CCE) clusters connected to the database.
How Long Are the Operation Logs of Database Audit Saved by Default? The operation logs of database audit are permanently saved. Parent topic: Logs
Step 2: Enable Database Audit By default, database audit complies with a full audit rule, which is used to audit all databases that are connected to the database audit instance. You can enable audit and check audit results. For details, see Viewing the Audit Dashboard.
How Do I Verify My Database Audit Configuration? To verify your database audit configurations after you enabled audit, perform the following steps: Enter an SQL statement (for example, show databases) in the node where the agent is installed. Log in to the management console.
Querying Parameter Modification Audit Records Function This API is used to query parameter modification audit records. Call Method For details, see Calling APIs.
Parent topic: Audit Instance
Querying the Policy for SQL Audit Logs Function This API is used to query the policy for SQL audit logs. Before calling an API, you need to understand the API in Authentication.
How Do I Set Database Audit Rules for All Databases? By default, database audit complies with a full audit rule, which is used to audit all databases that are connected to the database audit instance. This audit rule is enabled by default.
Querying Audit Logs of Killing Sessions Function Obtaining Audit Logs of Killing Sessions Constraints None URI URL format GET /v3/{project_id}/instances/{instance_id}/processes-audit-log?
The database audit instance is in the Running state. For details about how to enable database audit, see Enable Database Audit. Procedure Log in to the management console. Select a region, click , and choose Security & Compliance > Database Security Service.
Parent topic: Configuring Audit Rules
What OSs Can I Install the Database Audit Agent On? To use database audit, you need to install its agent on the required database, application, or proxy side, and then connect to the database audit instance. The database audit agent can run on 64-bit Linux or 64-bit Windows.
Parent Topic: Log Audit
Obtaining Links for Downloading Audit Logs Description This API is used to obtain the link for downloading audit logs.
The OBS audit function has been enabled in the asset center. After OBS audit is enabled, you will be charged for reading and writing logs using the logging function of OBS. For details about the fees, see Requests. Sensitive data of OBS assets has been identified.
The maximum length of an audit statement or result set is 10,240 bytes. Excessive parts are not recorded in audit logs.
Parent topic: Configuring Audit Rules
CTS Auditing Key Operations Recorded by CTS Viewing Traces Parent topic: Monitoring and Audit
Log Management Configuring Logs Changing the Log Storage Duration Log Field Description Parent Topic: Log Audit
Parent topic: Viewing Audit Logs
