检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
The database audit instance is in the Running state. For details about how to enable database audit, see Enable Database Audit. Procedure Log in to the management console. Select a region, click , and choose Security & Compliance > Database Security Service.
Parent topic: Configuring Audit Rules
How Do I Set Database Audit Rules for All Databases? By default, database audit complies with a full audit rule, which is used to audit all databases that are connected to the database audit instance. This audit rule is enabled by default.
What OSs Can I Install the Database Audit Agent On? To use database audit, you need to install its agent on the required database, application, or proxy side, and then connect to the database audit instance. The database audit agent can run on 64-bit Linux or 64-bit Windows.
Step 2: Enable Database Audit By default, database audit complies with a full audit rule, which is used to audit all databases that are connected to the database audit instance. You can enable audit and check audit results. For details, see Viewing the Audit Dashboard.
The maximum length of an audit statement or result set is 10,240 bytes. Excessive parts are not recorded in audit logs.
Parent topic: Configuring Audit Rules
What Do I Do If the Database Audit Agent Is Hibernating? After an agent is added for a database to be audited, the initial status of the agent will be Hibernating. To use database audit, you need to install the agent. Check the agent status after you installed it.
What Is the Process Name of the Database Audit Agent?
How Do I Interconnect with DBSS Audit Data Storage? You can enable automatic backup in DBSS to back up audit data to OBS buckets. Automatic backup requires fine-grained OBS authorization. For details, see Backing Up and Restoring Database Audit Logs.
Does Database Audit Support Offline or Non-Huawei Cloud Databases? Database audit supports databases on the cloud, on-premises, or on other clouds (the network connection between the database and the audit instance must be normal).
Is the Database Audit Function Available to Users Other Than the Buyer? No. For example, if you have two accounts (domain1 and domain2) in a region, and purchase database audit under the domain1 account, you cannot use the function under domain2.
Is There Any Restriction on the Gateway IP Address of DBSS Audit Instances? User servers cannot occupy the gateway IP address of DBSS audit instances. Parent topic: Product Consulting
How Do I View All Alarms in Database Audit? To check the alarms of database audit, perform the following steps: Log in to the management console. Select a region, click , and choose Security & Compliance > Database Security Service. The Dashboard page is displayed.
How Do I Check the Operation Logs of Database Audit? To check the operation logs of database audit, perform the following steps: Log in to the management console. Select a region, click , and choose Security & Compliance > Database Security Service.
Figure 5 Deleting SQL injection Parent topic: Configuring Audit Rules
Can DBSS Audit Databases Across Subnets? Yes, as long as the databases are in the same VPC. Parent topic: Product Consulting
How Do I Download a Database Audit Agent? Download and then install the agent on the database or application based on the add mode you chose. Each agent has a unique ID, which is used as the key for connecting to a database audit instance.
Does Database Audit (in Bypass Mode) Affect My Services? No. Your databases are audited in out-of-path mode. Database audit neither affects your services nor conflicts with local audit tools. Parent topic: Functions
Enabling and Using Database Audit (by Installing Agents) Process Overview Purchasing DBSS Step 1: Add a Database Step 2: Add an Agent Step 3: Download and Install the Agent Step 4: Add a Security Group Rule Step 5: Enable Database Audit
