Help Center/ Database Security Service/ Best Practices/ Checking for Dirty Tables
Updated on 2026-02-02 GMT+08:00
View PDF
Share

Checking for Dirty Tables

Scenario

Configure a rule to detect operations on dirty tables. You can configure unnecessary databases, tables, and columns as dirty tables. Programs that access the dirty tables will be marked as suspicious programs.

In this way, you can detect the SQL statements that access dirty tables and detect data security risks in a timely manner.

Prerequisites

You have configured unnecessary databases, tables, or columns.

Procedure

  1. Log in to the management console.
  2. Select a region, click , and choose Security & Compliance > Database Security Service. The Dashboard page is displayed.
  3. In the navigation pane, choose Rules.
  4. In the Instance drop-down list, select an instance.
  5. Click the Risky Operations tab.
  6. In the Basic Information area, set Risk Level to High.
  7. (Optional) Configure an IP address or IP address segment, or all the IP addresses will be checked by default.
  8. Select Operation and All operations. Configure unnecessary databases, tables, or columns, as shown in Figure 1.

    Figure 1 Adding a dirty table detection rule

  9. Click Save.

Viewing Dirty Table Detection Results

You can view the SQL statements that are dirty table on the Data Reports > Statements.

  1. Log in to the management console.
  2. Select a region, click , and choose Security & Compliance > Database Security Service. The Dashboard page is displayed.
  3. In the navigation pane, choose Dashboard.
  4. In the Instance drop-down list, select the instance whose data reduction statement information you want to view.
  5. Click the Statements tab.
  6. Set filter criteria to query SQL statements.

    • You can select All, 30 minutes, 1 hour, 24 hours, 7 days, 30 days, or a custom time range from the drop-down list in the upper left corner of the list. Click Custom, select the start time and end time, and click OK. The SQL statements in the time range are displayed in the list.
    • You can select an attribute from the drop-down list or search by keyword. Set Risk Severity (the default value in the dirty table detection rule is High) and click Submit.

    • A maximum of 10,000 records can be retrieved in a query.

  7. In the Operation column of an SQL statement, click Details. For more information, see Table 1.

    Table 1 SQL statement parameters

    Parameter

    Description

    Session ID

    ID of an SQL statement, which is automatically generated

    Database Instance

    Database where an SQL statement is executed

    Database Type

    Type of the database where an SQL statement is executed

    Database User

    Database user for executing an SQL statement

    Client MAC Address

    MAC address of the client where an SQL statement is executed

    Database MAC Address

    MAC address of the database where an SQL statement is executed

    Client IP Address

    IP address of the client where an SQL statement is executed

    Database IP Address/Domain Name

    IP address of the database where an SQL statement is executed

    Client Port

    Port of the client where an SQL statement is executed

    Database Port

    Port of the database where the SQL statement is executed

    Client Name

    Name of the client where an SQL statement is executed

    Operation Type

    Type of an SQL statement operation

    Operation Object Type

    Type of an SQL statement operation object

    Response Result

    Response to an SQL statement

    Affected Rows

    Number of rows affected by executing an SQL statement

    Start

    Time when an SQL statement starts to be executed

    End

    Time when the SQL statement execution ends

    SQL Statement

    Name of an SQL statement

    Request Result

    Result of requesting for executing an SQL statement

View Dirty Table Detection Rules

Choose Rules and click the Risky Operations tab.Here you can manage slow SQL settings.

  • Enable

    In the row containing the dirty table detection rule, click Enable in the Operation column.

  • Edit

    In the row containing the dirty table detection rule, click Edit in the Operation column.

  • Disable

    In the row containing the dirty table detection rule, click Disable in the Operation column. Disabled rules will not be audited.

  • Delete

    In the row containing the dirty table detection rule, click Delete in the Operation column. To add the rule again, follow the instructions in Adding Risky Operations.