检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
Cloud Trace Service (CTS) Records operations on cloud service resources for query, audit, and backtrack. Database Security Service (DBSS) Prevents database attacks, ensuring database security on the cloud.
Constraints Error logs, slow query logs, and audit logs cannot share a given log stream. Once configured, there is a delay of approximately 10 minutes before the changes are applied.
SQL Audit Enable Audit Logging when periodic audits are required. Enable SQL Explorer when SQL analysis is required. Routine O&M Periodically check slow query logs and error logs to identify problems in advance. Periodically check the resource usage of DB instances.
You are advised to enable SQL Audit to locate which client deletes the user. Parent Topic: SQL Issues
Security group Supported Supported Backup and restoration Supported Supported Parameter settings Supported Supported SSL Supported Supported Log management Supported Supported Read replicas (which need to be created) Supported Supported Read/write splitting Supported Supported SQL audit
Security group Supported Supported Backup and restoration Supported Supported Parameter settings Supported Supported SSL Supported Supported Log management Supported Supported Read replicas (which need to be created) Supported Supported Read/write splitting Supported Supported SQL audit
Once SQL Audit is enabled, all SQL operations will be logged. You can download audit logs and query details. For more information, see Log Reporting. API RDS supports v3 APIs.
For details about how to view audit logs, see Querying Real-Time Traces. Prerequisites Before using CTS, you need to enable it. For details, see Enabling CTS. Procedure Log in to the management console.
Table 1 Common practices Practice Description Suggestions on using RDS for MySQL Instance Usage Suggestions This practice provides suggestions on using RDS for MySQL in terms of DB instances, database connection, reliability and availability, backup and restoration, SQL audit, routine
Audit logs cannot be sent to the Kafka server. Database proxy Proxy instance access to DB instance failure proxy_connection_failure_cause_security_group Major No rules in the security group of the DB instance allow the proxy instance to access the DB instance.
Log retention period Error log details: 30 days Slow query log details: 30 days Original slow query logs: 30 days Slow query log statistics: 30 days Failover/switchover logs: 30 days SQL audit logs: The default value is 7 days. The value ranges from 1 to 732 days.
encryption Reset the administrator password to restore root access √ √ Enable TDE √ √ Parameter management Modify parameters of an RDS for MySQL instance √ √ Create a parameter template √ √ Log management View and download error logs √ √ View and download slow query logs √ √ Enable SQL audit
