Audit and Logs
Audit
- Cloud Trace Service (CTS)
CTS is a log audit service intended for cloud security. It records operations on the cloud resources in your account. You can use the logs generated by CTS to perform security analysis, track resource changes, audit compliance, and locate faults.
After you enable CTS and configure a tracker, CTS can record management and data traces of RDS for auditing.
For details about how to enable and configure CTS, see Enabling CTS.
- For details about RDS for MySQL management and data traces that can be tracked by CTS, see Key Operations Supported by CTS.
- For details about RDS for PostgreSQL management and data traces that can be tracked by CTS, see Key Operations Supported by CTS.
- For details about RDS for SQL Server management and data traces that can be tracked by CTS, see Key Operations Supported by CTS.
- For details about RDS for MariaDB management and data traces that can be tracked by CTS, see Key Operations Supported by CTS.
- Database Security Service (DBSS)
DBSS is based on machine learning and big data analytics technologies. It provides functions such as database audit, SQL injection attack detection, and risky operation identification to ensure the security of databases on the cloud.
You are advised to use DBSS to provide extended data security capabilities. For details, see Database Security Service.
Advantages:
- DBSS can help you meet security compliance requirements.
- DBSS can help you comply with DJCP (graded protection) standards for database audit.
- DBSS can help you comply with security laws and regulations, and provide compliance reports that meet data security standards (such as Sarbanes-Oxley).
- DBSS can back up and restore database audit logs and meet the audit data retention requirements.
- DBSS can monitor risks, sessions, session distribution, and SQL distribution in real time.
- DBSS can report alarms for risky behavior and attacks and respond to database attacks in real time.
- DBSS can locate internal violations and improper operations and keep data assets secure.
Deployed in bypass pattern, database audit can perform flexible audits on the database without affecting user services.
- Database audit monitors database logins, operation types (data definition, operation, and control), and operation objects based on risky operations to effectively audit the database.
- Database audit analyzes risks and sessions, and detects SQL injection attempts so you can stay apprised of your database status.
- Database audit provides a report template library to generate daily, weekly, or monthly audit reports according to your configurations. It sends real-time alarm notifications to help you obtain audit reports in a timely manner.
- DBSS can help you meet security compliance requirements.
Logs
RDS for MySQL
- You can view database-level logs, including error logs and slow SQL query logs.
For details about error logs, see Viewing and Downloading Error Logs.
- Slow query logs record statements that exceed long_query_time (1s by default). You can view log details and statistics to identify statements that are executing slowly and optimize the statements.
For details, see Viewing and Downloading Slow Query Logs.
- You can view failover or switchover logs to evaluate the impact on your workloads.
For details, see Viewing Failover/Switchover Logs.
- If you enable SQL Audit, the system records all SQL operations in audit logs to audit operations such as adding, deleting, modifying, and querying data.
For details, see Enabling the SQL Audit Function.
RDS for PostgreSQL
- Error logs contain logs generated while the database is running. They can help you analyze database problems.
For details, see Viewing and Downloading Error Logs.
- Slow query logs record statements that exceed log_min_duration_statement. You can view log details and statistics to identify statements that are executing slowly and optimize the statements.
For details, see Viewing and Downloading Slow Query Logs.
RDS for SQL Server
- System logs contain logs generated while the database is running. They can help you analyze database problems.
For details, see Viewing and Downloading System Logs.
- Slow query logs record statements that exceed long_query_time (1s by default). You can view log details to identify statements that are executing slowly and optimize the statements.
For details, see Viewing and Downloading Slow Query Logs.
- SQL Audit is enabled for RDS for SQL Server instances by default. The system records major change operations on services, databases, and tables in audit logs to audit operations such as adding, deleting, modifying, and querying data.
For details, see Viewing and Downloading Audit Logs.
RDS for MariaDB
- You can view database-level logs, including error logs and slow SQL query logs.
For details about error logs, see Viewing and Downloading Error Logs.
- Slow query logs record statements that exceed long_query_time (1s by default). You can view log details and statistics to identify statements that are executing slowly and optimize the statements.
For details, see Viewing and Downloading Slow Query Logs.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
