Updated on 2024-05-07 GMT+08:00

ALTER AUDIT POLICY

Description

Modifies the unified audit policy.

Precautions

  • Only users with the poladmin or sysadmin permission, or the initial user can perform this operation.
  • The unified audit policy takes effect only after enable_security_policy is set to on.

Syntax

Add or delete an operation type in the audit policy.

ALTER AUDIT POLICY [ IF EXISTS ] policy_name { ADD | REMOVE } { privilege_audit_clause | access_audit_clause };

Modify the filter criteria in the audit policy.

ALTER AUDIT POLICY [ IF EXISTS ] policy_name MODIFY ( filter_group_clause );

Delete the filter criteria from the audit policy.

ALTER AUDIT POLICY [ IF EXISTS ] policy_name DROP FILTER; 

Modify the description of the audit policy.

ALTER AUDIT POLICY [ IF EXISTS ] policy_name COMMENTS policy_comments;

Enable or disable the audit policy.

ALTER AUDIT POLICY [ IF EXISTS ] policy_name { ENABLE | DISABLE };
  • privilege_audit_clause
    DDL operation type and target resource label in the audit policy.
    1
    PRIVILEGES ({ DDL | ALL } [ ON LABEL ( resource_label_name [, ... ] ) ])
    
  • access_audit_clause
    DML operation type and target resource label in the audit policy.
    ACCESS ({ DML | ALL } [ ON LABEL ( resource_label_name [, ... ] ) ])
  • filter_group_clause
    Filter criteria in the audit policy.
    1
    FILTER ON { filter_type ( filter_value [, ... ] ) } [, ... ]
    

Parameters

  • policy_name

    Specifies the audit policy name, which must be unique.

    Value range: a string. It must comply with the naming convention.

  • DDL

    Specifies the operations that will be audited within the database: ALTER, ANALYZE, COMMENT, CREATE, DROP, GRANT, REVOKE, SET, and SHOW.

  • ALL

    Indicates all operations supported by the specified DDL statements in the database.

  • DML

    Specifies the operations that are audited within the database: COPY, DEALLOCATE, DELETE_P, EXECUTE, REINDEX, INSERT, PREPARE, SELECT, TRUNCATE, and UPDATE.

  • FILTER_TYPE

    Specifies a type of information to be filtered by the audit policy. The value can be IP, ROLES, or APP.

  • filter_value

    Indicates the detailed information to be filtered.

  • policy_comments

    Records description information of audit policies.

  • ENABLE|DISABLE

    Enables or disables the unified audit policy.

Examples

See Examples in section "CREATE AUDIT POLICY."