检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
ENABLE|DISABLE Enables or disables the unified audit policy. If ENABLE|DISABLE is not specified, ENABLE is used by default. Examples See Examples in "CREATE AUDIT POLICY." Helpful Links CREATE AUDIT POLICY and DROP AUDIT POLICY Parent topic: SQL Syntax
Database Audit Context Database audit is critical to the security of the database system.
Database Audit Context Database audit is critical to the security of the database system.
Database Audit Context Database audit is critical to the security of the database system.
policy. openGauss=# CREATE AUDIT POLICY adt1 PRIVILEGES CREATE; -- Perform the SELECT operation on the database to create an audit policy. openGauss=# CREATE AUDIT POLICY adt2 ACCESS SELECT; -- Create an audit policy to audit only the CREATE operations performed on the adt_lb0
policy. openGauss=# CREATE AUDIT POLICY adt1 PRIVILEGES CREATE; -- Perform the SELECT operation on the database to create an audit policy. openGauss=# CREATE AUDIT POLICY adt2 ACCESS SELECT; -- Create an audit policy to audit only the CREATE operations performed on the adt_lb0
policy. gaussdb=# CREATE AUDIT POLICY adt1 PRIVILEGES CREATE; -- Perform the SELECT operation on the database to create an audit policy. gaussdb=# CREATE AUDIT POLICY adt2 ACCESS SELECT; -- Create an audit policy to audit only the CREATE operations performed on the adt_lb0 resource
policy. gaussdb=# CREATE AUDIT POLICY adt1 PRIVILEGES CREATE; -- Perform the SELECT operation on the database to create an audit policy. gaussdb=# CREATE AUDIT POLICY adt2 ACCESS SELECT; -- Create an audit policy to audit only the CREATE operations performed on the adt_lb0 resource
The default value is on, indicating that the audit function is enabled. In addition to the overall audit configuration, each audit item can be independently configured. The function of each audit item takes effect only after the configuration is enabled.
Bit 9 Whether to audit the CREATE, DROP, and ALTER operations on resource pools.
Operation Audit audit_system_object Parameter description: Specifies whether to audit the CREATE, DROP, and ALTER operations on database objects. Database objects include databases, users, schemas, and tables.
Interconnecting with LTS and Querying Database Audit Logs Scenarios Audit logs capture database start, stop, and connection events, along with DDL, DML, and DCL operations.
Audit logs are generated for communication among tools or nodes in the database server. To save space occupied by audit logs and improve the query performance of audit logs, the low-risk scenarios cannot be audited by configuring the no_audit_client parameter.
User and Permission Audit audit_login_logout Parameter description: Specifies whether to audit the GaussDB user's login (including login success and failure) and logout. This is a SIGHUP parameter. Set it based on instructions in Table 1.
User and Permission Audit audit_login_logout Parameter description: Specifies whether to audit the GaussDB user's login (including login success and failure) and logout. This is a SIGHUP parameter. Set it based on instructions provided in Table 1.
Audit logs are generated for communication among tools or nodes in the database server. To save space occupied by audit logs and improve the query performance of audit logs, the low-risk scenarios cannot be audited by configuring the no_audit_client parameter.
Setting suggestion: Retain the default value to save space occupied by audit logs and improve audit log query performance.
Setting suggestion: Retain the default value to save space occupied by audit logs and improve audit log query performance.
How Do I Enable the Audit of INSERT, UPDATE, and DELETE Operations in GaussDB? You can enable the audit of INSERT, UPDATE, and DELETE operations on the GaussDB console. Specifically, perform the following operations: Log in to the management console.
Unified audit: The unified audit mechanism is a technology that implements efficient security audit management by customizing audit policies.
