Help Center> Database Security Service> User Guide> Configuring Audit Rules> Adding an SQL Injection Rule
Updated on 2024-04-16 GMT+08:00
View PDF

Adding an SQL Injection Rule

You can add SQL injection rules to audit your databases.

Prerequisites

  • You have purchased a database audit instance and the Status is Running.
  • You have added a database and enabled database audit.
  • A database has been added.

Procedure

  1. Log in to the management console.
  2. Select a region, click , and choose Security & Compliance > Database Security Service. The Dashboard page is displayed.
  3. Click Add Rule and configure parameters.

    Figure 1 Adding an SQL injection rule
    Table 1 SQL injection rule parameters

    Parameter

    Description

    Example Value

    Name

    Name of an SQL rule.

    Postal Code SQL injection Rule

    Risk Level

    Level of risks matching a SQL rule. Its value can be:

    • High
    • Moderate
    • Low
    • No risk

    Moderate

    Status

    Enables or disables an SQL injection rule.

    • : enabled
    • : disabled

    Test Regular Expression

    Regular expression that checks for content in certain pattern.

    ^\d{6}$

    Data

    Content that matches the regular expression.

    Enter content and click Test to verify that the regular expression works properly.

    628307

    Result

    Test result. It can be:

    • Hit
    • Miss
      NOTE:

      If the test result is Hit, the regular expression is correct.

      If the test result is Miss, the regular expression is incorrect.

    Hit

  4. Confirm the information and click OK.
Parent topic: Configuring Audit Rules