检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
Helpful Links ALTER AUDIT POLICY and CREATE AUDIT POLICY Parent topic: SQL Syntax
Examples See Examples in section "CREATE AUDIT POLICY." Helpful Links CREATE AUDIT POLICY and DROP AUDIT POLICY Parent topic: SQL Syntax
Examples See Examples in section "CREATE AUDIT POLICY." Helpful Links CREATE AUDIT POLICY and DROP AUDIT POLICY Parent topic: SQL Syntax
ENABLE|DISABLE Enables or disables the unified audit policy. If ENABLE|DISABLE is not specified, ENABLE is used by default. Examples See Examples in "CREATE AUDIT POLICY." Helpful Links CREATE AUDIT POLICY and DROP AUDIT POLICY Parent topic: SQL Syntax
ENABLE|DISABLE Enables or disables the unified audit policy. If ENABLE|DISABLE is not specified, ENABLE is used by default. Examples See Examples in "CREATE AUDIT POLICY." Helpful Links CREATE AUDIT POLICY and DROP AUDIT POLICY Parent topic: SQL Syntax
CREATE AUDIT POLICY Function CREATE AUDIT POLICY creates a unified audit policy. Precautions Only user poladmin, user sysadmin, or the initial user can perform this operation.
Database Audit Context Database audit is critical to the security of the database system.
Database Audit Context Database audit is critical to the security of the database system.
Database Audit Context Database audit is critical to the security of the database system.
policy. openGauss=# CREATE AUDIT POLICY adt1 PRIVILEGES CREATE; -- Perform the SELECT operation on the database to create an audit policy. openGauss=# CREATE AUDIT POLICY adt2 ACCESS SELECT; -- Create an audit policy to audit only the CREATE operations performed on the adt_lb0
policy. openGauss=# CREATE AUDIT POLICY adt1 PRIVILEGES CREATE; -- Perform the SELECT operation on the database to create an audit policy. openGauss=# CREATE AUDIT POLICY adt2 ACCESS SELECT; -- Create an audit policy to audit only the CREATE operations performed on the adt_lb0
policy. gaussdb=# CREATE AUDIT POLICY adt1 PRIVILEGES CREATE; -- Perform the SELECT operation on the database to create an audit policy. gaussdb=# CREATE AUDIT POLICY adt2 ACCESS SELECT; -- Create an audit policy to audit only the CREATE operations performed on the adt_lb0 resource
policy. gaussdb=# CREATE AUDIT POLICY adt1 PRIVILEGES CREATE; -- Perform the SELECT operation on the database to create an audit policy. gaussdb=# CREATE AUDIT POLICY adt2 ACCESS SELECT; -- Create an audit policy to audit only the CREATE operations performed on the adt_lb0 resource
Operation Audit audit_system_object Parameter description: Specifies whether to audit the CREATE, DROP, and ALTER operations on the GaussDB database object. The GaussDB database objects include databases, users, schemas, and tables.
The default value is on, indicating that the audit function is enabled. In addition to the overall audit configuration, each audit item can be independently configured. The function of each audit item takes effect only after the configuration is enabled.
Its default value is on, indicating that the audit function is enabled. In addition to the overall audit switch, each audit item has an independent switch. An audit item is available only after its own switch is turned on. The switch of each audit supports dynamic loading.
Bit 9 Whether to audit the CREATE, DROP, and ALTER operations on resource pools.
Operation Audit audit_system_object Parameter description: Specifies whether to audit the CREATE, DROP, and ALTER operations on database objects. Database objects include databases, users, schemas, and tables.
Querying Audit Logs of GaussDB Instances on CTS With CTS, you can record operations associated with GaussDB for future query, audit, and backtracking.
If you enable Upload Audit Logs to LTS, GaussDB audit logs will be uploaded to LTS and you can search for logs, monitor logs, download logs, and view real-time logs. Enabling Upload Audit Logs to LTS: Enable log upload configurations for a single instance.
