检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
Audit logs of sessions can be viewed online, recorded and played online, and played offline after being downloaded.
RDS You can log in to the Huawei Cloud Relational Database Service (RDS) databases through CBH to manage databases and login credentials and audit O&M sessions in a more secure way.
System Log Querying System Logs Exporting System Logs Parent topic: Audit
Operation Report Viewing Operation Reports Pushing Operation Reports Parent topic: Audit
System Report Viewing System Reports Pushing System Reports Parent topic: Audit
Live Session Viewing Live Sessions Monitoring Live Sessions Interrupting a Live Session Parent topic: Audit
History Session Viewing History Sessions Exporting History Session Records Managing Session Videos Parent topic: Audit
Security Shared Responsibilities Asset Identification and Management Identity Authentication and Access Control Data Protection Controls Audit and Logging Service Resilience Certificates
Audit data √ × You need to back up all audit data, including history sessions, session videos, system login logs, system operation logs, O&M reports, and system reports, because audit data cannot be imported to the new CBH system.
Audit logs of sessions can be viewed online, recorded and played online, and played offline after being downloaded.
Will Changing Instance Specifications or Upgrading Instances Cause Audit Data Loss? Why Does FTP/SFTP Remote Backup Fail? How Do I Import Backup Data to a Primary/Standby CBH Instance?
All task operation logs are provided. × √ System audit Live session audit All on-going sessions are logged. You can view the resource, type, account, and source IP address of any session. √ √ Historical session audit All closed historical sessions are logged.
A CBH system uses the EulerOS operating system and provides a wide range of functional modules, including user management, resource management, policy, audit, and ticket modules.
Logging The CBH system records audit logs for all operations on users' personal data, including adding, modifying, querying, and deleting data. The logs can be backed up to a remote server or local computer.
CBH Instance Editions Table 1 CBH instance editions Edition Function Description Edition Specifications Standard edition Basic functions: identity authentication, permission control, account management, and operation audit 10 20 50 100 200 500 1000 2000 5000 10000 Professional edition
Users in lower-level departments cannot view superior department information, including the organization structure, users, host resources, application resources, application publish servers, resource accounts, and policies and operation audit data configured by superior departments
Choose Audit > History Session. Figure 1 History Session The More operation in the Details column is removed from version 3.3.42.0 or later versions. (Optional) Select one or more history session logs. If no log is selected, all historical session logs are exported by default.
You need to verify system configurations in the department, user, resource, policy, ticket, audit, operation, and system modules.
Database audit allows you to audit database logs and operation commands. To this end, add databases to your bastion host and install local database tools for the bastion host to access databases.
Keyboard audit: You can enable this function to let the bastion host record all keyboard input information. Enable or disable watermarks on the web operation background. The watermark content is the login name of the current system user.
