The SQL audit feature is designed to help you quickly identify SQL statements that may have potential issues, and enhance security audit capability.
Background information
The SQL audit feature supports querying SQL statements based on the following conditions:
User
IP address
Operation type
In addition, this feature supports exporting query results.
Procedure
Enable SQL audit.
On the SQL Audit tab, click Start SQL Audit.
In the pop-up dialog box, make the following configurations:
Target for Enablement: If this check box is selected, SQL audit will be enabled for all tenants in this cluster.
Storage Duration: Select the appropriate retention time based on your needs to make full use of resources.
Click Enable.
Set filter items.
Click Expand to view all filter items.
(Optional) Set the filter items based on your actual needs.
Filter item
Description
Database
Select one or more databases.
Node
Select one or more nodes.
Keywords
Enter one or more keywords that may exist in the problematic SQL statements. The relationship between the keywords can be AND or OR.
Time Range
You can select the last 5 minutes, 30 minutes, 1 hour, 6 hours, 1 day, or a custom time range. The time range cannot exceed 24 hours.
Username
Select one or more user names.
Operation Type
Select one or more operation types from the drop-down list.
Client IP Address
Enter the IP address of the client.
Execution Duration (ms)
Enter the execution duration for the target SQL statement.
Scan Records
Enter the range of scan records to view.
View the query results, including: SQL Statement, Database, User, Client IP Address, Operation Type, Execution Result, Request Time, Execution Duration (ms), Scanned Rows, and Updated Rows.
You can sort the results by the Execution Duration (ms), Scanned Rows, or Update Rows column.
Click Export to download the query results.
NoteCurrently, only the first 100 data records can be exported.