Setting SQL Audit

Function

This API is used to set a policy for SQL audit logs.

Before calling this API, learn how to authenticate it.
Before calling this API, learn about request header parameters.

Constraints

This API is available only to RDS for MySQL and RDS for PostgreSQL.

URI

URI format
PUT /v3/{project_id}/instances/{instance_id}/auditlog-policy

Parameter description

**Table 1** Parameters
Parameter	Mandatory	Description
project_id	Yes	Project ID of a tenant in a region. To obtain the value, see Obtaining a Project ID.
instance_id	Yes	Specifies the DB instance ID.

Request

**Table 2** Parameters
Parameter	Mandatory	Type	Description
keep_days	Yes	Integer	Number of days for storing audit logs. The value range is from 0 to 732. 0: indicates that SQL audit is disabled. 1 to 732: indicates the retention days for audit logs after SQL audit is enabled.
reserve_auditlogs	No	Boolean	This parameter is valid only when SQL audit is disabled. true (default): indicates that historical audit logs will be reserved for some time when SQL audit is disabled. false: indicates that historical audit logs will be deleted immediately when SQL audit is disabled.
audit_types	No	Array of strings	This parameter applies only to RDS for MySQL. Operation types recorded in audit logs. This parameter is valid only when audit logging is enabled. If this parameter is left blank, all operation types will be recorded by default. CREATE_USER, DROP_USER, RENAME_USER, GRANT, REVOKE, ALTER_USER, ALTER_USER_DEFAULT_ROLE CREATE, ALTER, DROP, RENAME, TRUNCATE, REPAIR, OPTIMIZE INSERT, DELETE, UPDATE, REPLACE, SELECT BEGIN/COMMIT/ROLLBACK,PREPARED_STATEMENT,CALL_PROCEDURE,KILL,SET_OPTION,CHANGE_DB,UNINSTALL_PLUGIN,INSTALL_PLUGIN,SHUTDOWN,SLAVE_START,SLAVE_STOP,LOCK_TABLES,UNLOCK_TABLES,FLUSH,XA

Example Request

Enable SQL Audit and set the audit log retention period to 5 days.

PUT https://{endpoint}/v3/0483b6b16e954cb88930a360d2c4e663/instances/cee5265e1e5845649e354841234567dfin01/auditlog-policy

{
    "keep_days":5,
    "audit_types": [
    "CREATE_USER"
    ]
}

Disable SQL Audit and delete existing historical audit logs.
```
{
    "keep_days":0,
    "reserve_auditlogs":false
}
```

Response

Normal response

**Table 3** Parameters
Parameter	Type	Description
status	String	Definition Result of setting SQL audit. Range COMPLETED

Example normal response
```
{
  "status":"COMPLETED"
}
```
Abnormal response
For details, see Abnormal Request Results.

Status Code

Normal
200
Abnormal
For details, see Status Codes.

Error Code

For details, see Error Codes.

Parent topic: Log Information Queries

Previous topic: Obtaining Links for Downloading Error Logs (RDS for PostgreSQL)

Next topic: Querying the Policy for SQL Audit Logs

Feedback

Was this page helpful?

Helpful Not helpful

Provide feedback

Thank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.

The system is busy. Please try again later.

Which of the following issues have you encountered?

Content is inconsistent with the product UI

Unclear descriptions

Lack of examples or code

Incorrect steps

Can't find what I need

Lack of best practices

Feedback (optional)

0/500

Select at least one type of issue, and enter your comments or suggestions.

Enter a maximum of 500 characters.

Submit Cancel

For any further questions, feel free to contact us through the chatbot.

Chatbot