ListSensitiveDataAuditLog - Data Management - Alibaba Cloud Documentation Center

Queries the audit logs for sensitive information.

Debugging

You can run this interface directly in OpenAPI Explorer, saving you the trouble of calculating signatures. After running successfully, OpenAPI Explorer can automatically generate SDK code samples.

Debug

Authorization information

There is currently no authorization information disclosed in the API.

Request parameters

Parameter	Type	Required	Description	Example
StartTime	string	Yes	The beginning of the time range for which you want to query the audit logs for sensitive information. Specify the time in the yyyy-MM-DD HH:mm:ss format.	2022-11-18 10:00:00
EndTime	string	Yes	The end of the time range for which you want to query the audit logs for sensitive information. Specify the time in the yyyy-MM-DD HH:mm:ss format.	2022-11-18 11:00:00
ModuleName	string	No	The function module whose audit logs you want to query for sensitive data. If you do not specify this parameter, all audit logs are queried. Valid values: SQL_CONSOLE: data query SQL_CONSOLE_EXPORT: query result export DATA_CHANGE: data change DATA_EXPORT: data export	SQL_CONSOLE
OpUserName	string	No	The username of the requester.	ExampleOpUserName
DbName	string	No	The name of the database that stores the sensitive data.	ExampleDbName
TableName	string	No	The name of the table that stores the sensitive data.	ExampleTableName
ColumnName	string	No	The name of the column that contains sensitive data.	ExampleColumnName
PageSize	integer	Yes	The number of entries to return on each page. Example: 100	100
PageNumber	integer	Yes	The number of the page to return.	1
Tid	long	No	The ID of the tenant.	3***

Response parameters

Parameter	Type	Description	Example
	object	Schema of Response
RequestId	string	The ID of the request.	E0D21075-CD3E-4D98-8264-FD8AD04A63B6
TotalCount	long	The total number of entries returned.	100
ErrorCode	string	The error code returned if the request failed.	403
ErrorMessage	string	The error message returned if the request failed.	UnknownError
Success	boolean	Indicates whether the request was successful. Valid values: true: The request was successful. false: The request failed.	true
SensitiveDataAuditLogList	array<object>	The audit logs for sensitive data.
SensitiveDataAuditLogList	object
UserName	string	The username of the requester.	ExampleUserName
UserId	long	The user ID of the requester.	1**
ModuleName	string	The name of the function module whose audit logs were queried.	SQL_CONSOLE
DbDisplayName	string	The name of the database that stores the sensitive data.	ExampleDbName@xxx.xxx.xxx.xxx:3306
OpTime	string	The time when the operation was performed. The time is in the yyyy-MM-DD HH:mm:ss format.	2022-11-18 10:01:00
InstanceId	long	The ID of the instance.	12****
TargetName	string	The details of the object on which the operation was performed. The value of this parameter is in one of the following formats: Object name - object ID Object name (object ID)	Ticket - 1\\\\
SensitiveDataLog	array<object>	The logs for sensitive data.
SensitiveDataLog	object
TableName	string	The name of the table that stores the sensitive data.	ExampleTableName
ColumnName	string	The name of the column that contains sensitive data.	ExampleColumnName
SecurityLevel	string	The sensitivity level of the data. Valid values: Low Medium High	Low
ColumnPermissionType	string	The permission that the user has on the column. Valid values: No permission Partial redaction Plaintext Change Enable data masking Disable data masking	Change
DesensitizationRule	string	The algorithm used for data masking.	Default - Full redaction

Examples

Sample success responses

JSONformat

{
  "RequestId": "E0D21075-CD3E-4D98-8264-FD8AD04A63B6",
  "TotalCount": 100,
  "ErrorCode": "403",
  "ErrorMessage": "UnknownError",
  "Success": true,
  "SensitiveDataAuditLogList": [
    {
      "UserName": "ExampleUserName",
      "UserId": 0,
      "ModuleName": "SQL_CONSOLE",
      "DbDisplayName": "ExampleDbName@xxx.xxx.xxx.xxx:3306",
      "OpTime": "2022-11-18 10:01:00",
      "InstanceId": 0,
      "TargetName": "Ticket - 1\\*\\*\\*\\*\n",
      "SensitiveDataLog": [
        {
          "TableName": "ExampleTableName",
          "ColumnName": "ExampleColumnName",
          "SecurityLevel": "Low\n",
          "ColumnPermissionType": "Change\n",
          "DesensitizationRule": "Default - Full redaction\n"
        }
      ]
    }
  ]
}

Error codes

For a list of error codes, visit the Service error codes.

Change history

Change time	Summary of changes	Operation

No change history