SQL Audit

更新时间:
复制 MD 格式

The SQL Audit feature helps you quickly identify problematic SQL statements to improve your security audit capabilities. This topic describes the procedure.

Enable SQL Audit

  1. Log on to the OceanBase Management Console .

  2. In the navigation pane on the left, click Instance List.

  3. On the Instance List page, click the name of the target instance to open the instance workspace.

  4. In the navigation pane on the left, click Diagnosis.

  5. On the Diagnosis page, select the target tenant from the drop-down list.

  6. On the SQL Audit tab, click Enable SQL Audit.

  7. In the dialog box that appears, set the following parameters and then click Enable.

    Note

    Ensure that the AccessKey ID and AccessKey secret have the following API permissions:

    • PostLogStoreLogs: Writes logs to a Logstore.

    • GetLogStore: Views the metadata of a Logstore.

    Parameter

    Description

    Enable an object

    Select this option to enable SQL Audit for all tenants in the cluster.

    Project

    The name of the Simple Log Service (SLS) project.

    Logstore

    The name of the SLS Logstore.

    AccessKey ID

    The access ID for SLS, used to identify the user.

    AccessKey secret

    The key used to encrypt the signature string and for SLS to authenticate the signature string. Keep this key confidential.

Modify SLS push settings

  1. On the SQL Audit page, click Modify SLS Push.

  2. In the dialog box that appears, modify the parameters and click OK.

Disable SQL Audit

  1. On the SQL Audit page, click Disable Service.

  2. In the text box that appears, enter close and then click Disable.