Viewing Audit Logs

Usage Notes

• No audit logs are generated for operations on internal connections.
• Commands that are always audited include BIGKEYS, KEYS, FLUSHALL, FLUSHDB, SCRIPT, CLIENT, and CONFIG.
• Audit logs are only generated for the following commands that you need to configure many parameters for:

  BITOP, MSETNX, PFCOUNT, PFMERGE, HDEL, HMGET, HMSET, HSET, LPUSH, LPUSHX, SADD, SREM, ZADD, GEOADD, GEOHASH, BFINSERT, BFMADD, and BFMEXISTS.

• An audit log is generated only when EXEC executes more than 100 commands in a transaction.
• Logs of GeminiDB Redis instances in Redis Cluster cannot be audited.

Enabling Audit Log Reporting to LTS

To use this function, choose Service Tickets > Create Service Ticket in the upper right corner of the console and contact customer service.

1. Log in to the Huawei Cloud console.
2. In the service list, choose Databases > GeminiDB Redis API.
3. In the navigation pane, choose Log Reporting.
4. Locate the row containing your target instance and click in the Report Audit Log to LTS column.
5. Select an LTS log group and log stream and click OK.
   

   You will be billed for enabling this function. For details, see LTS pricing details.

   Figure 1 Enabling audit log reporting to LTS
   

Viewing Log Details

1. Log in to the Huawei Cloud console.
2. Click in the upper left corner of the page. Under Management & Governance, click Log Tank Service.
3. On the Log Management page, click Log Groups, select a log group and log stream, and click the name of the selected log stream to go to the details page.
   Figure 2 Selecting a log stream
   

4. Set From now to select a relative time (15 minutes by default) in the upper right corner as needed.
5. On the Raw Logs tab, view the audit logs generated in the relative time period.
   Figure 3 Audit logs