检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
User and Permission Audit audit_login_logout Parameter description: Specifies whether to audit the GaussDB user's login (including login success and failure) and logout. This parameter is a SIGHUP parameter. Set it based on instructions provided in Table 1.
User and Permission Audit audit_login_logout Parameter description: Specifies whether to audit the GaussDB user's login (including login success and failure) and logout. This parameter is a SIGHUP parameter. Set it based on instructions provided in Table 1.
Audit logs are generated for communication among tools or nodes in the database server. To save space occupied by audit logs and improve the query performance of audit logs, the low-risk scenarios cannot be audited by configuring the no_audit_client parameter.
User and Permission Audit audit_login_logout Parameter description: Specifies whether to audit the GaussDB user's login (including login success and failure) and logout. This is a SIGHUP parameter. Set it based on instructions in Table 1.
User and Permission Audit audit_login_logout Parameter description: Specifies whether to audit the GaussDB user's login (including login success and failure) and logout. This is a SIGHUP parameter. Set it based on instructions provided in Table 1.
Audit logs are generated for communication among tools or nodes in the database server. To save space occupied by audit logs and improve the query performance of audit logs, the low-risk scenarios cannot be audited by configuring the no_audit_client parameter.
Setting suggestion: Retain the default value to save space occupied by audit logs and improve audit log query performance.
Setting suggestion: Retain the default value to save space occupied by audit logs and improve audit log query performance.
How Do I Enable the Audit of INSERT, UPDATE, and DELETE Operations in GaussDB? You can enable the audit of INSERT, UPDATE, and DELETE operations on the GaussDB console. Specifically, perform the following operations: Log in to the management console.
Maintaining Audit Logs Maintaining Audit Logs Prerequisites You have the audit permission. Background Table 1 lists the configuration parameters related to audit logs and the parameter descriptions.
Helpful Links ALTER AUDIT POLICY and CREATE AUDIT POLICY Parent topic: SQL Syntax
ALTER AUDIT POLICY Function ALTER AUDIT POLICY modifies the unified audit policy. Precautions Only user poladmin, user sysadmin, or the initial user can perform this operation. The unified audit policy takes effect only after enable_security_policy is set to on.
Its default value is on, indicating that the audit function is enabled. In addition to the overall audit switch, each audit item has an independent switch. An audit item is available only after its own switch is turned on. The switch of each audit supports dynamic loading.
CREATE AUDIT POLICY Function CREATE AUDIT POLICY creates a unified audit policy. Precautions Only users with the poladmin or sysadmin permission, or the initial user can perform this operation.
Unified audit: The unified audit mechanism is a technology that implements efficient security audit management by customizing audit policies.
Unified audit: The unified audit mechanism is a technology that implements efficient security audit management by customizing audit policies.
Querying Audit Results Querying Audit Results Prerequisites Audit has been enabled. Audit of required items has been enabled. The database is running properly and a series of addition, modification, deletion, and query operations have been executed in the database.
ADM_AUDIT_SESSION ADM_AUDIT_SESSION displays all audit trail records concerning CONNECT and DISCONNECT. The audit information of GaussDB is mainly queried through the gs_query_audit function. This view exists in both PG_CATALOG and SYS schema.
ADM_AUDIT_SESSION ADM_AUDIT_SESSION displays all audit trail records concerning CONNECT and DISCONNECT. The audit information of GaussDB is mainly queried through the pg_query_audit function. This view exists in both the PG_CATALOG and SYS schemas.
ADM_AUDIT_SESSION ADM_AUDIT_SESSION displays all audit trail records concerning CONNECT and DISCONNECT. The audit information of GaussDB is mainly queried through the gs_query_audit function. This view exists in both PG_CATALOG and SYS schema.
