Interconnecting with LTS and Querying Database Audit Logs
Scenarios
Audit logs capture database start, stop, and connection events, along with DDL, DML, and DCL operations. Each log includes the event time, type, result, username, database, connection details, affected object, instance name, and port number. Security administrators can use these logs to reconstruct events leading to the current database state and identify unauthorized operations, including who performed them, when, and what was done, strengthening traceability and accountability.
If Upload Audit Logs to LTS is enabled for a GaussDB instance, new audit logs for that instance are automatically uploaded to Log Tank Service (LTS). You can then search, monitor, and download logs and view real-time logs on the LTS console.
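The following added example (not part of the GaussDB or LTS documentation) shows how exported audit records could be triaged to answer who did what and when. The JSON keys, account names, allowlist, and threshold are assumptions, because the actual LTS record layout is not described on this page.

```python
import json
from collections import Counter

# Constructed sample records (JSON lines). Keys mirror the attributes the page
# lists; the real LTS record layout is not shown there, so they are assumptions.
SAMPLE_LOGS = """\
{"time": "2024-05-01T02:10:01Z", "type": "connection", "result": "failed", "username": "app_rw", "database": "orders", "client": "10.0.3.7", "object": ""}
{"time": "2024-05-01T02:10:03Z", "type": "connection", "result": "failed", "username": "app_rw", "database": "orders", "client": "10.0.3.7", "object": ""}
{"time": "2024-05-01T02:10:05Z", "type": "connection", "result": "failed", "username": "app_rw", "database": "orders", "client": "10.0.3.7", "object": ""}
{"time": "2024-05-01T02:30:00Z", "type": "DCL", "result": "success", "username": "dba_admin", "database": "orders", "client": "10.0.1.2", "object": "orders.items"}
{"time": "2024-05-01T03:00:00Z", "type": "DCL", "result": "success", "username": "report_ro", "database": "orders", "client": "10.0.9.9", "object": "orders.items"}
{"time": "2024-05-01T03:05:00Z", "type": "DML", "result": "success", "username": "app_rw", "database": "orders", "client": "10.0.3.7", "object": "orders.items"}
not-json
"""
APPROVED_DCL_USERS = {"dba_admin"}  # hypothetical allowlist of accounts allowed to run DCL
FAILED_LOGIN_THRESHOLD = 3          # hypothetical: failures per (user, client) before alerting

def parse(text):
    """Parse JSON lines; return (records, count of malformed lines)."""
    records, bad = [], 0
    for line in filter(str.strip, text.splitlines()):
        try:
            records.append(json.loads(line))
        except json.JSONDecodeError:
            bad += 1
    return records, bad

def triage(records):
    """Return (rule, username, time, detail) tuples: who, when, and what."""
    findings, failed = [], Counter()
    for r in records:
        user, when = r.get("username"), r.get("time")
        if r.get("type") == "DCL" and user not in APPROVED_DCL_USERS:
            findings.append(("unapproved_dcl", user, when, r.get("object")))
        if r.get("type") == "connection" and r.get("result") == "failed":
            key = (user, r.get("client"))
            failed[key] += 1
            if failed[key] == FAILED_LOGIN_THRESHOLD:  # alert once per burst
                findings.append(("failed_login_burst", user, when, r.get("client")))
    return findings

if __name__ == "__main__":
    records, bad = parse(SAMPLE_LOGS)
    for finding in triage(records):
        print(finding)
    print("malformed lines skipped:", bad)
```

Malformed lines are counted rather than silently dropped, so a gap in the exported audit trail is visible during review.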
Precautions
- To apply for the permission needed for enabling Upload Audit Logs to LTS, submit a service ticket. The default permission only allows you to upload audit logs for centralized instances. To also enable audit log upload for distributed instances, clarify your requirement in the application when creating the service ticket.
- The DB engine version must be V2.0-2.1.0 or later.
- Audit logs record all requests sent to your DB instance and are stored in LTS.
- Toggling this function on or off does not take effect immediately. There is a delay of about 10 minutes.
- To enable or disable the audit log function, configure audit_enabled.
- For details about the parameters for controlling audit logs, see Audit Items.
- You will be billed for this function. For details, see LTS Pricing Details.
- After this function is enabled, audit policies you configured are reported to LTS by default.
Enabling Upload Audit Logs to LTS
- Log in to the management console.
- Click the icon in the upper left corner and select a region and project.
- Click the icon in the upper left corner of the page and choose .
- In the navigation pane on the left, choose Instances.
- Click the instance name to go to the Basic Information page.
- In the navigation pane on the left, click Audit Logs.
- Click the toggle next to Upload Audit Logs to LTS.
- In the displayed dialog box, configure Log Group and Log Stream.
If you enable log reporting to LTS for the first time, click View Log Groups to log in to the LTS console and configure log groups and log streams. For details, see Managing Log Groups and Managing Log Streams.
Figure 1 Enabling Upload Audit Logs to LTS
- Click OK.
After this function is enabled, audit logs will not be uploaded immediately to LTS. There is a delay of about 10 minutes. For details, see Viewing Real-Time Logs.
Disabling Upload Audit Logs to LTS
- Log in to the management console.
- Click the icon in the upper left corner and select a region and project.
- Click the icon in the upper left corner of the page and choose .
- In the navigation pane on the left, choose Instances.
- Click the instance name to go to the Basic Information page.
- In the navigation pane on the left, click Audit Logs.
- Click the toggle next to Upload Audit Logs to LTS.
- In the displayed dialog box, confirm the information.
Figure 2 Disabling Upload Audit Logs to LTS
- In the displayed dialog box, click OK.