SQL Audit
The SQL Audit feature helps you quickly identify problematic SQL statements to improve your security audit capabilities. This topic describes the procedure.
Enable SQL Audit
Log on to the OceanBase Management Console .
In the navigation pane on the left, click Instance List.
On the Instance List page, click the name of the target instance to open the instance workspace.
In the navigation pane on the left, click Diagnosis.
On the Diagnosis page, select the target tenant from the drop-down list.
On the SQL Audit tab, click Enable SQL Audit.
In the dialog box that appears, set the following parameters and then click Enable.
NoteEnsure that the AccessKey ID and AccessKey secret have the following API permissions:
PostLogStoreLogs: Writes logs to a Logstore.
GetLogStore: Views the metadata of a Logstore.
Parameter
Description
Enable an object
Select this option to enable SQL Audit for all tenants in the cluster.
Project
The name of the Simple Log Service (SLS) project.
Logstore
The name of the SLS Logstore.
AccessKey ID
The access ID for SLS, used to identify the user.
AccessKey secret
The key used to encrypt the signature string and for SLS to authenticate the signature string. Keep this key confidential.
Modify SLS push settings
On the SQL Audit page, click Modify SLS Push.
In the dialog box that appears, modify the parameters and click OK.
Disable SQL Audit
On the SQL Audit page, click Disable Service.
In the text box that appears, enter close and then click Disable.