Database audit can be enabled only if the audited object is connected to the database audit instance. To install the agent on a Windows OS, perform the following operations. Prerequisites: You have added an agent to your database.
You can use DBSS instances to protect and audit the databases built on RDS, ECS, and BMS. DBSS works with Resource Management Service (RMS) and Tag Management Service (TMS). You can view DBSS instance information on the platform of these services.
Overview When to Renew Subscriptions If a yearly/monthly DBSS instance is about to expire but you want to continue using it, you need to renew the database audit instance subscription within a specified period, or the instance will be released and data will be lost and cannot be restored
To use database audit, you need to install its agent on database nodes or application nodes.
After this function is disabled, database audit will not store the result sets of user SQL statements. Do not enable this function if you want to prepare for PCI DSS/PCI 3DS CSS certification. Note: The result set storage supports only the database audit in agent mode.
Billing Analysis Database audit of the basic edition: July 01, 2023, 15:30:00 to July 20, 2023, 08:59:59. Database audit of the professional edition: July 20, 2023, 09:00:00 to August 31, 2023, 23:59:59.
Table 1 Nodes to install agents
Node | Scenario | Audit Scope | Configuration
Database | Self-built database on ECS/BMS | All access records of applications that have accessed the database | Set Installing Node Type to Database.
It can audit your databases, detect SQL injection attacks, and identify high-risk operations. This document describes how to use application programming interfaces (APIs) to create, query, and delete instances and rules. For details about all supported operations, see API.
If multiple applications (ECSs) are connected to the RDS you want to audit, you need to deploy the agent on all the ECSs. See Figure 1.
If a risky operation is deleted and you still need to audit its rule, add the risky operation again.
Enabling or Disabling an Agent Function: This API is used to enable or disable the agent audit function. An enabled agent collects user access information. Calling Method: For details, see Calling APIs.
URI: POST /v2/{project_id}/{instance_id}/audit/databases/switch
Table 1 URI parameter
Parameter | Mandatory | Parameter Type | Description
project_id | Yes | String | Project ID.
instance_id | Yes | String | Instance ID.
URI: POST /v1/{project_id}/{instance_id}/audit/databases
Table 1 URI parameter
Parameter | Mandatory | Parameter Type | Description
project_id | Yes | String | Project ID.
instance_id | Yes | String | Instance ID.
URI: GET /v2/{project_id}/{instance_id}/audit/agents
Table 1 URI parameter
Parameter | Mandatory | Parameter Type | Description
project_id | Yes | String | Project ID.
instance_id | Yes | String | Instance ID. You can obtain the value from the ID field in the API for querying the instance list.
URI: GET /v2/{project_id}/audit/databases/rds
Table 1 URI parameter
Parameter | Mandatory | Parameter Type | Description
project_id | Yes | String | Project ID.
URI: GET /v1/{project_id}/dbss/audit/quota
Table 1 URI parameter
Parameter | Mandatory | Parameter Type | Description
project_id | Yes | String | Project ID.
Request Parameter
Table 2 Request header parameter
Parameter | Mandatory | Parameter Type | Description
X-Auth-Token | Yes | String | User token.
URI: GET /v2/{project_id}/dbss/audit/availability-zone
Table 1 URI parameter
Parameter | Mandatory | Parameter Type | Description
project_id | Yes | String | Project ID.
URI: GET /v1/{project_id}/dbss/audit/specification
Table 1 URI parameter
Parameter | Mandatory | Parameter Type | Description
project_id | Yes | String | Project ID.
The value can be: RDS (RDS database) or ECS (self-built database).
rds_audit_switch_mismatch | Boolean | The audit switch status of the RDS instance does not match.
URI: POST /v2/{project_id}/{instance_id}/audit/databases/rds
Table 1 URI parameter
Parameter | Mandatory | Parameter Type | Description
project_id | Yes | String | Project ID.
instance_id | Yes | String | Instance ID.