Managing an SQL Statement Whitelist
You can manage the whitelist by adding, removing, editing, or disabling SQL statements.
Prerequisites
You have added the risky SQL statements to the whitelist.
Constraints and Limitations
After the SQL whitelist is modified, the modification does not take effect on the audited data.
Managing SQL Statement Whitelist
- Log in to the DBSS console.
- Click
in the upper left corner on the displayed page and select a region. - In the navigation tree on the left, choose Rules.
- In the Instance drop-down list, select an instance.
- Click the SQL Whitelist tab.
Viewing SQL Statement Whitelist
| Parameter | Description |
|---|---|
| SQL Statements | SQL statement added to the whitelist. |
| Description | Description of the whitelist item. |
| Applied to the Database | Database where the whitelist item is applied. It can be all databases or specific databases. |
| Created | Time when the whitelist item was created. |
| Last Updated | Last time when the whitelist item was updated. |
| Status | Status of the whitelist item.
|
Edit an SQL Statement
Click Edit in the Operation column of an SQL statement to modify the description and applied database.
Enabling an SQL Statement
Click Enable in the Operation column of the target SQL statement. Once enabled, this rule applies to subsequent audited SQL statements.
The SQL statements that match the whitelist rules will be marked as No risk. Previously audit statements are unaffected and will maintain their original risk levels.
Disabling an SQL Statement
Click Disable in the Operation column of the target SQL statement. Once disabled, this rule will not apply to subsequent audited SQL statements.
The SQL statements that match the whitelist rules will be audited and may generate alarms. Previously audit statements are unaffected.
After the SQL statement is disabled, there is a delay of about 1 minute.
Deleting an SQL Statement from the Whitelist
- Click Delete in the Operation column of an SQL statement. After the deletion, the SQL statement will be checked during audit. To restore this whitelist item, you need to add it again.
- To delete multiple SQL statements from the whitelist, select the SQL statements, click Delete All, and confirm the deletion.
References
- You can add an audit scope rule. For details, see Configuring an Audit Scope Rule.
- You can add a custom SQL rule to audit all the database connected to database audit. For details, see Configuring SQL Injection Rules.
- You can add a risky operation rule to audit risky operations on databases. For details, see Managing Risky Operation Rules.
- To mask sensitive information in entered SQL statements, you can enable the function of masking privacy data and configure masking rules to prevent sensitive information leakage. For details, see Configuring Privacy Data Protection Rules.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot