检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
(Optional) Set the filtering criteria and search for the related audit logs. Figure 1 Search settings View the logs in the list. Parent topic: Operation Guide for Audit Administrators
Parent topic: Operation Guide for Audit Administrators
The database to be audited and the database audit instance you purchased must be in the same region. Ensure the VPC of the database audit instance is the same as that of the node (application side or database side) where you plan to install the database audit agent.
(Linux OS) Where Are the Logs of the Database Audit Agent Saved? The path for saving agent logs is /opt/dbss_audit_agent/log/audit_agent.log. Parent topic: Agent
Configuring Oracle RAC Cluster Audit When using DBSS for an Oracle RAC cluster, each node in the cluster is regarded as an independent database and requires an agent to forward network traffic.
Creating an Audit Instance in Yearly/Monthly Billing Mode (To Be Brought Offline) Function Creating an Audit Instance in Yearly/Monthly Billing Mode URI POST /v2/{project_id}/dbss/audit/charge/period/order Table 1 Path Parameters Parameter Mandatory Type Description project_id Yes
In the navigation tree on the left, choose Audit Rules. In the Instance drop-down list, select the instance whose session information you want to view. Click the SQL Whitelist tab to view all SQL statement whitelists. Manage the whitelist.
Check the audit status of the database to be audited. If Audit Status is Enabled, go to Checking the Security Group Rules of the Database Audit Instance. If Audit Status is Disabled, click Enable to enable the database audit function.
How Many Database Audit Instances Can I Purchase in the Same Region? No restrictions. Parent topic: Billing FAQs
will audit all instances in the database.
will audit all instances in the database.
Adding an SQL Whitelist You can add risky SQL statements to the whitelist. The SQL statements in the whitelist will be ignored during the audit. Constraints and Limitations The risky SQL statements can be added to the whitelist in data reports. Procedure Log in to the management console
Parent topic: Enabling and Using Database Audit (by Installing Agents)
Installing the Agent on CCE Cluster Nodes Importing Configurations to OBS Creating a ConfigMap Creating an Agent DaemonSet Workload Parent topic: Deploying the Database Audit Agent in a Container
How Do I Audit an RDS Database Accessed through Intranet (by Applications Off the Cloud)? If your PC accesses RDS through a private line, you can install the agent on a proxy your set up. Access from the proxy to the database can be audited.
Creating an Agent DaemonSet Workload After you create a ConfigMap, deploy the database audit agent and configure database information in the agent DaemonSet. Your database can then be connected to the database audit instance.
The agent will obtain database access traffic, upload traffic statistics to the audit system, receive audit system configuration commands, and report database monitoring data.
The configurations will be used to deploy the database audit agent in batches in the cloud storage of the agent container workload.
Creating a ConfigMap Create a ConfigMap to store the database information required by the agent container workload. The ConfigMap is used as a file in the workload. Procedure In the navigation pane, choose Configuration Center > ConfigMaps. Click Create ConfigMap. Configure parameters
Step 3: Download and Install the Agent Downloading an Agent Installing an Agent (Linux OS) Installing an Agent (Windows OS) Parent topic: Enabling and Using Database Audit (by Installing Agents)
