检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
Configuring Audit Rules Adding Audit Scope Adding an SQL Injection Rule Managing SQL Injection Rules Adding Risky Operations Configuring Privacy Data Protection Rules SQL Whitelist
Parent topic: Deploying the Database Audit Agent in a Container
Managing Backup Audit Logs After backing up audit logs, you can view or delete backup audit logs. Prerequisites The database audit instance is in the Running state. For details about how to enable database audit, see Enable Database Audit.
Meeting Database Audit Compliance Requirements To meet compliance requirements, DBSS allows you to configure the retention period for audit logs, audit reports, and privacy audit logs Configuring Audit Log Retention Duration According to relevant audit laws and regulations, audit
Parent topic: Audit Instance
What Is Database Audit? Database audit is deployed in out-of-path mode. It records user access to the database in real time, generates fine-grained audit reports, sends real-time alarms for risky operations and attack behaviors.
Parent topic: Audit Instance
What Are the Functions of Database Audit? Database audit is deployed in out-of-path pattern and can perform flexible audit on databases built on ECS, BMS, and RDS without affecting services.
Parent topic: Audit Instance
Querying Audit Summary Information Function This API is used to query audit summary information. Calling Method For details, see Calling APIs.
Adding an Audit Database Agent Function This API is used to add an audit database agent. Calling Method For details, see Calling APIs.
Querying Audit SQL Statements Function This API is used to query audit SQL statements. Calling Method For details, see Calling APIs.
Querying Audit Alarm Information Function This API is used to query audit alarm information. Calling Method For details, see Calling APIs.
View the database audit instances information. For details about related parameters, see Table 1. Figure 1 Viewing database audit instances You can click the name of an instance to view its overview.
Upgrading the Database Audit Instance Version This section describes how to upgrade your database instance version. Prerequisites The database audit instance is in the Running state. The database instance version is earlier than the latest version.
name String Audit scope name action String Actions in the audit scope status String Audit scope rule status exception_ips String Exception IP address of the audit scope source_ips String Source IP address of the audit scope rule source_ports String Port of the audit scope rule db_ids
Configuring Database Audit Instance Rules You can configure audit rules to detect database risks. To get notified of risks, you also need to Configuring Alarm Notifications.
Backing Up and Restoring Database Audit Logs Database audit logs can be backed up to OBS buckets to achieve high availability for disaster recovery. You can back up or restore database audit logs as required. Prerequisites The database audit instance is in the Running state.
Deploying the Database Audit Agent in a Container Scenario Adding a Database and Exporting Database Configurations Installing the Agent on CCE Cluster Nodes Enabling Database Audit Checking Audit Results
Can Database Audit Be Used Across AZs? Database audit is available only if the target database and your database audit instance are in the same region.
