Step 5: Enable Database Audit

By default, database audit complies with a full audit rule, which is used to audit all databases that are connected to the database audit instance. You can enable audit and check audit results. For details, see Viewing the Audit Dashboard.

Prerequisites

The status of the agent is Running.

Enabling Database Audit

For details about how to install agents, see Step 3.
For details about how to add a security group rule, see Step 4.
Log in to the management console.
Click and choose Security > Database Security Service. The Dashboard page is displayed.
In the navigation tree on the left, choose Databases.
Select a database audit instance from the Instance drop-down list.
In the database list, click Enable in the Operation column of the database you want to audit.

The Audit Status of the database is Enabled. You do not need to restart the database.

Figure 1 Enabling database audit

Verifying Audit Results

Run an SQL statement (for example, show databases) in the target database.
Log in to the management console.
Click and choose Security > Database Security Service. The Dashboard page is displayed.
In the navigation tree on the left, choose Data Reports. The Data Reports page is displayed.
In the Instance drop-down list, select the instance that audits the target database.
Click the Statements tab.
Locate the row that contains the target time, click , select the start time and end time, and click Submit. In the upper part of the list, select All time, Last 30 minutes, Last hour, Today, Last week, Last month, or Custom.
Figure 2 Viewing SQL statements
- If the entered SQL statement is not displayed, the connection between the agent and the database audit instance is abnormal. Rectify the fault by following the instructions in What Do I Do If the Communication Between the Agent and Database Audit Instance Is Abnormal?