检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
policy. gaussdb=# CREATE AUDIT POLICY adt1 PRIVILEGES CREATE; -- Perform the SELECT operation on the database to create an audit policy. gaussdb=# CREATE AUDIT POLICY adt2 ACCESS SELECT; -- Create an audit policy to audit only the CREATE operations performed on the adt_lb0 resource
policy. gaussdb=# CREATE AUDIT POLICY adt1 PRIVILEGES CREATE; -- Perform the SELECT operation on the database to create an audit policy. gaussdb=# CREATE AUDIT POLICY adt2 ACCESS SELECT; -- Create an audit policy to audit only the CREATE operations performed on the adt_lb0 resource
Using CTS to Audit DLI With CTS, you can log operations related to DLI, making it easier to search, audit, and trace in the future.
To modify the audit policy, click Set Audit Policy. In the dialog box that is displayed, modify the audit policy. Figure 2 Modifying the audit policy Disable the audit policy. After the audit policy is disabled, no audit log is generated. To disable the audit policy, click .
What Is Database Audit? Database audit is deployed in out-of-path mode. It records user access to the database in real time, generates fine-grained audit reports, sends real-time alarms for risky operations and attack behaviors.
Kubernetes Audit Logs Table 1 Kubernetes audit logs Log Type Component Log Stream Description Kubernetes audit logs audit audit-{{clusterID}} An audit log is a chronological record of user operations on Kubernetes APIs and control plane activities for security.
Viewing Audit Logs Scenarios Operations performed in the last seven days are recorded by CTS. This section describes how to view the operation records on the CTS console. Procedure Log in to the management console.
Parent topic: Audit Instance
Viewing Audit Logs After you enable CTS, the system starts recording operations on CGS. Operation records generated during the last seven days can be viewed on the CTS console. Viewing a CGS Trace on the CTS Console Log in to the management console.
Viewing Audit Logs After you enable CTS, it starts recording operations on ESM. CTS stores operation records for the last seven days. This section describes how to view the operation records on the CTS console. Procedure Log in to the management console.
The operator, type, and information about audit logs are displayed. Figure 1 Viewing audit logs Parent topic: Audit Logs
What Are the Functions of Database Audit? Database audit is deployed in out-of-path pattern and can perform flexible audit on databases built on ECS, BMS, and RDS without affecting services.
Parent topic: Audit Instance
Querying Audit Summary Information Function This API is used to query audit summary information. Calling Method For details, see Calling APIs.
The default value is on, indicating that the audit function is enabled. In addition to the overall audit configuration, each audit item can be independently configured. The function of each audit item takes effect only after the configuration is enabled.
Bit 9 Whether to audit the CREATE, DROP, and ALTER operations on resource pools.
Adding an Audit Database Agent Function This API is used to add an audit database agent. Calling Method For details, see Calling APIs.
Operation Audit audit_system_object Parameter description: Specifies whether to audit the CREATE, DROP, and ALTER operations on database objects. Database objects include databases, users, schemas, and tables.
SQL Audit Errors UGO.10100001 The SQL text file is too large UGO.10100002 Password encryption or decryption error UGO.10100005 The parameter is incorrect UGO.10100006 The audit task queue is full UGO.10100007 The number of rule templates has reached the limit UGO.10100008 Incorrect
For details about how to enable the cloud audit service, see Enabling CTS.
