Help Center/ Database Security Service/ API Reference/ API/ Querying on the Management Side/ Querying User Operation Logs

Updated on 2024-11-01 GMT+08:00

Online Debugging

CLI Examples

View PDF

Querying User Operation Logs

Function

This API is used to query the operation logs.

Calling Method

For details, see Calling APIs.

URI

POST /v1/{project_id}/{instance_id}/dbss/audit/operate-log

**Table 1** URI parameter
Parameter	Mandatory	Parameter Type	Description
project_id	Yes	String	Project ID.
instance_id	Yes	String	Instance ID. You can obtain the value from the ID field in the API for querying the instance list.

Request Parameter

**Table 2** Request header parameter
Parameter	Mandatory	Parameter Type	Description
X-Auth-Token	Yes	String	User token. The token can be queried by calling the IAM API. (The token is the value of X-Subject-Token in the response header.)

**Table 3** Request body parameter
Parameter	Mandatory	Type	Description
time	No	TimeRangeBean object	Query time range
user_name	No	String	Operation log username
action	No	String	Action CREATE DELETE DOWNLOAD UPDATE
page	No	String	Page number
size	No	String	Number of records on each page.

**Table 4** TimeRangeBean
Parameter	Mandatory	Parameter Type	Description
end_time	No	String	Start time. This parameter must be used together with end_time. The format must be yyyy-MM-dd HH:mm:ss. Time when an action occurred, in UTC time.
start_time	No	String	End time. This parameter must be used together with start_time. The format must be yyyy-MM-dd HH:mm:ss. Time when an action occurred, in UTC time.
time_range	No	String	Query time range. This parameter cannot be used together with start_time and end_time. If they are used together, this parameter has a higher priority. HALF_HOUR HOUR THREE_HOUR TWELVE_HOUR DAY WEEK MONTH

Response Parameters

Status code: 200

**Table 5** Response body parameter
Parameter	Parameter Type	Description
total_num	Integer	Total number
operate_log	Array of OperateLogInfo objects	Operation log list

**Table 6** OperateLogInfo
Parameter	Parameter Type	Description
id	String	Operation log ID.
user	String	Operation log username
time	String	Time when a record is generated. The format is timestamp.
action	String	Operation type of a record. The value can be: create update delete download
function	String	Function type of the record.
name	String	Operation object of a record
description	String	Description of a record
result	String	Execution result of a record. The value can be: success fail

Status code: 400

**Table 7** Response body parameter
Parameter	Parameter Type	Description
error	Object	Error message.

**Table 8** ErrorDetail
Parameter	Parameter Type	Description
error_code	String	Error code
error_msg	String	Error message

Status code: 403

**Table 9** Response body parameter
Parameter	Parameter Type	Description
error	Object	Error message.

**Table 10** ErrorDetail
Parameter	Parameter Type	Description
error_code	String	Error code
error_msg	String	Error message

Status code: 500

**Table 11** Response body parameters
Parameter	Parameter Type	Description
error	Object	Error message.

**Table 12** ErrorDetail
Parameter	Parameter Type	Description
error_code	String	Error code
error_msg	String	Error message

Example Request

/v1/{project_id}/{instance_id}/dbss/audit/operate-log

{
  "time" : {
    "time_range" : "HOUR"
  },
  "page" : 1,
  "size" : 10
}

Example Responses

Status code: 200

Succeeded

{
  "total_num" : 3,
  "operate_log" : [ {
    "id" : "1LJP-HgBCwCqSg3BVuAp",
    "user" : "hby-test",
    "time" : "2021-04-22 06:40:52",
    "function": "Database list",
    "action": "Delete",
    "name" : "db01 ",
    "description":": Delete the audited database,
    "result" : "success"
  }, {
    "id" : "07JO-HgBCwCqSg3ByOAD",
    "user" : "hby-test",
    "time" : "2021-04-22 06:40:15",
    "function": "Database list",
    "action": "Update",
    "name" : "db01 ",
    "description": "Close the audit client",
    "result" : "success"
  }, {
    "id" : "ULKM93gBCwCqSg3BZeD1",
    "user" : "hby-test",
    "time" : "2021-04-22 03:07:56",
    "function": "Database list",
    "action": "Create",
    "name" : "db01",
    "description": "Create a new database",
    "result" : "success"
  } ]
}

Status code: 400

Request Parameter Error

{
  "error" : {
    "error_code" : "DBSS.XXXX",
    "error_msg" : "XXX"
  }
}

Status code: 500

Internal Server Error

{
  "error" : {
    "error_code" : "DBSS.XXXX",
    "error_msg" : "XXX"
  }
}

Example SDK Code

The sample code is as follows.

Java

    
     
       
       
         package com.huaweicloud.sdk.test;

import com.huaweicloud.sdk.core.auth.ICredential;
import com.huaweicloud.sdk.core.auth.BasicCredentials;
import com.huaweicloud.sdk.core.exception.ConnectionException;
import com.huaweicloud.sdk.core.exception.RequestTimeoutException;
import com.huaweicloud.sdk.core.exception.ServiceResponseException;
import com.huaweicloud.sdk.dbss.v1.region.DbssRegion;
import com.huaweicloud.sdk.dbss.v1.*;
import com.huaweicloud.sdk.dbss.v1.model.*;


public class ListAuditOperateLogsSolution {

    public static void main(String[] args) {
        // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
        // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
        String ak = System.getenv("CLOUD_SDK_AK");
        String sk = System.getenv("CLOUD_SDK_SK");
        String projectId = "{project_id}";

        ICredential auth = new BasicCredentials()
                .withProjectId(projectId)
                .withAk(ak)
                .withSk(sk);

        DbssClient client = DbssClient.newBuilder()
                .withCredential(auth)
                .withRegion(DbssRegion.valueOf("<YOUR REGION>"))
                .build();
        ListAuditOperateLogsRequest request = new ListAuditOperateLogsRequest();
        request.withInstanceId("{instance_id}");
        OperateLogGetRequest body = new OperateLogGetRequest();
        TimeRangeBean timebody = new TimeRangeBean();
        timebody.withTimeRange("HOUR");
        body.withSize("10");
        body.withPage("1");
        body.withTime(timebody);
        request.withBody(body);
        try {
            ListAuditOperateLogsResponse response = client.listAuditOperateLogs(request);
            System.out.println(response.toString());
        } catch (ConnectionException e) {
            e.printStackTrace();
        } catch (RequestTimeoutException e) {
            e.printStackTrace();
        } catch (ServiceResponseException e) {
            e.printStackTrace();
            System.out.println(e.getHttpStatusCode());
            System.out.println(e.getRequestId());
            System.out.println(e.getErrorCode());
            System.out.println(e.getErrorMsg());
        }
    }
}

        

      

    
   

Python

    
     
       
       
         # coding: utf-8

import os
from huaweicloudsdkcore.auth.credentials import BasicCredentials
from huaweicloudsdkdbss.v1.region.dbss_region import DbssRegion
from huaweicloudsdkcore.exceptions import exceptions
from huaweicloudsdkdbss.v1 import *

if __name__ == "__main__":
    # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
    # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
    ak = os.environ["CLOUD_SDK_AK"]
    sk = os.environ["CLOUD_SDK_SK"]
    projectId = "{project_id}"

    credentials = BasicCredentials(ak, sk, projectId)

    client = DbssClient.new_builder() \
        .with_credentials(credentials) \
        .with_region(DbssRegion.value_of("<YOUR REGION>")) \
        .build()

    try:
        request = ListAuditOperateLogsRequest()
        request.instance_id = "{instance_id}"
        timebody = TimeRangeBean(
            time_range="HOUR"
        )
        request.body = OperateLogGetRequest(
            size="10",
            page="1",
            time=timebody
        )
        response = client.list_audit_operate_logs(request)
        print(response)
    except exceptions.ClientRequestException as e:
        print(e.status_code)
        print(e.request_id)
        print(e.error_code)
        print(e.error_msg)

        

      

    
   

Go

    
     
       
       
         package main

import (
	"fmt"
	"github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/basic"
    dbss "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/dbss/v1"
	"github.com/huaweicloud/huaweicloud-sdk-go-v3/services/dbss/v1/model"
    region "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/dbss/v1/region"
)

func main() {
    // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
    // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
    ak := os.Getenv("CLOUD_SDK_AK")
    sk := os.Getenv("CLOUD_SDK_SK")
    projectId := "{project_id}"

    auth := basic.NewCredentialsBuilder().
        WithAk(ak).
        WithSk(sk).
        WithProjectId(projectId).
        Build()

    client := dbss.NewDbssClient(
        dbss.DbssClientBuilder().
            WithRegion(region.ValueOf("<YOUR REGION>")).
            WithCredential(auth).
            Build())

    request := &model.ListAuditOperateLogsRequest{}
	request.InstanceId = "{instance_id}"
	timeRangeTime:= "HOUR"
	timebody := &model.TimeRangeBean{
		TimeRange: &timeRangeTime,
	}
	sizeOperateLogGetRequest:= "10"
	pageOperateLogGetRequest:= "1"
	request.Body = &model.OperateLogGetRequest{
		Size: &sizeOperateLogGetRequest,
		Page: &pageOperateLogGetRequest,
		Time: timebody,
	}
	response, err := client.ListAuditOperateLogs(request)
	if err == nil {
        fmt.Printf("%+v\n", response)
    } else {
        fmt.Println(err)
    }
}

        

      

    
   

For more SDK code examples in various programming languages, see the Sample Code tab on the right of the API Explorer page, which can automatically generate the corresponding SDK code examples.

Status Code

Status Code	Description
200	Success
400	Incorrect request parameter.
403	Authentication failed.
500	Internal Server Error

Error Codes

For details, see Error Codes.

Parent topic: Querying on the Management Side

Previous topic: Querying AZ Information

Next topic: Audit Instance

Feedback

Was this page helpful?

Helpful Not helpful

Provide feedback

Thank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.

The system is busy. Please try again later.

Which of the following issues have you encountered?

Content is inconsistent with the product UI

Unclear descriptions

Lack of examples or code

Incorrect steps

Can't find what I need

Lack of best practices

Feedback (optional)

0/500

Select at least one type of issue, and enter your comments or suggestions.

Enter a maximum of 500 characters.

Submit Cancel

For any further questions, feel free to contact us through the chatbot.

Chatbot