Adding SQL Statements to the Whitelist
You can add trusted SQL statements to the whitelist. Database audit will ignore whitelisted SQL statements.
Constraints and Limitations
The risky SQL statements can be added to the whitelist in data reports.
After the SQL whitelist is modified, the modification does not take effect on the audited data.
Adding Scanned SQL Statements
- Log in to the DBSS console.
- Click
in the upper left corner on the displayed page and select a region. - In the navigation tree on the left, choose Data Reports.
- In the Instance drop-down list, select the instance whose session information you want to view.
- Click the Statements tab to view risky SQL statements.
- Add SQL statements to the whitelist.
- Add a single SQL statement.
- Click Add to Whitelist in the Operation column of an SQL statement.
- In the displayed dialog box, select the database and description of the SQL statement. Figure 1 Adding to the SQL whitelist
- Click OK.
- Add SQL statements in batches.
- Select the target SQL statement and click One-Click Whitelisting. Figure 2 One-click whitelisting
- In the displayed dialog box, select the databases and descriptions of the SQL statements. Figure 3 Adding to the SQL whitelist
- Click OK.
- Select the target SQL statement and click One-Click Whitelisting.
- Add a single SQL statement.
Adding a Custom SQL Statement to the Whitelist
- Log in to the DBSS console.
- Click
in the upper left corner on the displayed page and select a region. - In the navigation tree on the left, choose Rules.
- In the Instance drop-down list, select an instance.
- Click the SQL Whitelist tab.
- Click Add.
- In the displayed dialog box, enter the SQL statement, applicable database, and description. Figure 4 Adding an SQL statement to the whitelist
- Confirm the information and click OK.
References
- You can add an audit scope rule. For details, see Configuring an Audit Scope Rule.
- You can add a custom SQL rule to audit all the database connected to database audit. For details, see Configuring SQL Injection Rules.
- You can add a risky operation rule to audit risky operations on databases. For details, see Managing Risky Operation Rules.
- To mask sensitive information in entered SQL statements, you can enable the function of masking privacy data and configure masking rules to prevent sensitive information leakage. For details, see Configuring Privacy Data Protection Rules.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot