Last updated：2020-12-02 17:27:47
The database audit feature records activities of an instance in real time. You can use the audit logs to perform fine-grained auditing on the instance to manage its compliance. This feature records users' access to the database. You can analyze the records to effectively trace and audit actions such as unauthorized operations and malicious intrusions.
Note: The database audit feature is in public preview. You can submit a ticket to activate this feature and use it for free.
The database audit feature is disabled by default. To enable this feature, perform the following operations: Go to the details page of an instance and click Database audit in the left navigation pane. The Audit Log Query tab appears by default. Click the Turn on database auditing button or link.
To disable the database audit feature for an instance, go to the details page of the instance and click Turn off database audit. Audit logs are not recorded after the database audit feature is disabled.
You can query audit logs by time range, keyword, database, user, client IP address, status, or SQL statement. Notes: You can enter multiple keywords, databases, users, or client IP addresses that are separated with slashes (/). Supported SQL statements: SELECT, INSERT, UPDATE, DELETE, LOGIN, LOGOUT, MERGE, ALTER, CREATEINDEX, DROPINDEX, CREATE, DROP, SET, DESC, REPLACE, CALL, BEGIN, DESCRIBE, FLUSH, USE, SHOW, START, and COMMIT.
The database audit feature records all database operations. To avoid a query timeout due to excessive SQL statements, the audit log list displays up to 10,000 audit logs. If the number of audit logs exceeds 10,000, we recommend that you export the audit logs for check.
Click Export Audit Result. The Audit Log Result Export dialog box appears.
Select export fields and click Export. The audit logs are automatically exported.
Click View Export History. The Audit Log Export History dialog box appears.
When the export progress is Export Completed, you can click Download to export the audit logs.
Click Monitoring chart. The system automatically generates statistical charts within the selected time range by SQL type and SQL statement based on existing audit logs. The charts help you understand the overall audit statistics more easily.
SQL types include DCL, DDL, DML, DQL, and OTHER. OTHER indicates all statements other than DCL, DDL, DML, and DQL statements.
Click the Audit Log Analysis tab on the Database audit page.
The visual charts and SQL templates help you analyze the audit logs.