Help Center/ Database Security Service/ User Guide (Kuala Lumpur Region)/ FAQs/ Agent/ What Do I Do If the Communication Between the Agent and Database Audit Instance Is Abnormal?
Updated on 2023-01-10 GMT+08:00

What Do I Do If the Communication Between the Agent and Database Audit Instance Is Abnormal?

Symptom

An agent has been installed on the database or application, but the SQL statement is not displayed in the SQL statement list after you enter an SQL statement in the database.

Checking the Audited Database

  1. Log in to the management console.
  2. Select a region, click , and choose Security > Database Security Service. The Dashboard page is displayed.
  3. In the navigation tree on the left, choose Databases.
  4. In the Instance drop-down list, select the instance whose database is to be checked.
  5. Check the information about the database to be audited.

    • If the database information is correct, go to 6.
    • If the database information is incorrect, click Delete to delete the database, and then click Add Database to add the database again.
      • If the fault is rectified, no further operation is required.
      • If the problem persists, go to 6.

  6. Check the audit status of the database to be audited.

Checking the Security Group Rules of the Database Audit Instance

  1. Click next to the database to expand the details about the agent and record the value of Installing Node IP Address.
  2. Click Add Security Group Rule.
  3. In the displayed dialog box, record the security group name (for example, default) of the database audit instance.
  4. Click Go to VPC.
  5. In the security group list, enter the group name default in the search box in the upper right corner of the list, and click or press Enter. The group information is displayed in the list.
  6. Click the name of the security group default. Click the Inbound Rules tab.
  7. Check inbound rules of the security group default.

    Check whether TCP (port number 8000) and UDP protocols (port number from 7000 to 7100) are configured in the inbound rules of the security group for the IP address of the installing node in 1.

  8. Add inbound rules for the security group of the database audit instance.

    1. Click Add Rule. In the Add Inbound Rule dialog box, add TCP (port number 8000) and UDP protocols (port number from 7000 to 7100) for the installing node IP address in 1.
    2. Click OK.

Check the running status of the agent on the installing node.

  • Linux OS
    1. Log in to the node where the agent is installed as user root using SSH through a cross-platform remote access tool (such as PuTTY).
    2. Run the following command to view the running status of the agent:

      service audit_agent status

      • If the following information is displayed, the agent is running properly. Go to Verifying the Result.
        1
        audit agent is running.
        
      • If no information is displayed, the agent is running abnormally. Run the following command to restart the agent:

        service audit_agent restart

Verifying the Result

In your database, run an SQL statement on the node where the agent is installed. Choose Overview > Statements and then search for the executed statement.
  • If the SQL statement is found, the problem has been solved.
  • If the SQL statement is not found, the problem persists. Contact customer service.