DescribeAuditRecords - Tair (Redis® OSS-Compatible) - Alibaba Cloud Documentation Center

Queries the audit logs of an ApsaraDB for Redis instance.

Operation description

This operation can be called up to 100 times per minute. You can also query audit logs in the ApsaraDB for Redis console. For more information, see Query audit logs of an instance.

Before you call this operation, make sure that the instance meets the following requirements:

The instance is an ApsaraDB for Redis Community Edition instance or an ApsaraDB for Redis Enhanced Edition (Tair) DRAM-based instance.
The engine version of the instance is Redis 4.0 or later.
The audit log feature is enabled for the instance. For more information, see ModifyAuditLogConfig .

Debugging

You can run this interface directly in OpenAPI Explorer, saving you the trouble of calculating signatures. After running successfully, OpenAPI Explorer can automatically generate SDK code samples.

Debug

Authorization information

The following table shows the authorization information corresponding to the API. The authorization information can be used in the Action policy element to grant a RAM user or RAM role the permissions to call this API operation. Description:

Operation: the value that you can use in the Action element to specify the operation on a resource.
Access level: the access level of each operation. The levels are read, write, and list.
Resource type: the type of the resource on which you can authorize the RAM user or the RAM role to perform the operation. Take note of the following items:
- The required resource types are displayed in bold characters.
- If the permissions cannot be granted at the resource level, All Resources is used in the Resource type column of the operation.
Condition Key: the condition key that is defined by the cloud service.
Associated operation: other operations that the RAM user or the RAM role must have permissions to perform to complete the operation. To complete the operation, the RAM user or the RAM role must have the permissions to perform the associated operations.

Operation	Access level	Resource type	Condition key	Associated operation
kvstore:DescribeAuditRecords	get	DBInstance acs:kvstore:{#regionId}:{#accountId}:instance/{#instanceId}	none	none

Request parameters

Parameter	Type	Required	Description	Example
InstanceId	string	Yes	The ID of the instance.	r-bp1zxszhcgatnx****
NodeId	string	No	The ID of the node in the instance. You can set this parameter to query the data of a specified node. Note This parameter is available only for read/write splitting or cluster instances of ApsaraDB for Redis. You can call the DescribeLogicInstanceTopology operation to query node IDs.	r-bp1zxszhcgatnx****-db-0
AccountName	string	No	The username of the account. If you do not specify this parameter, this call applies to all accounts of the instance.	demo
DatabaseName	string	No	The name of the database in the instance. If you do not specify this parameter, all databases are queried. Valid values: 0 to 255. 0 specifies the database 0.	0
QueryKeywords	string	No	The keyword based on which the audit logs are queried. You can specify a command as a keyword to query logs. By default, all commands are queried. Note You can specify only a single keyword in each call.	maxclients
HostAddress	string	No	The IP address of the client. If you do not specify this parameter, this call applies to all clients.	127.0.0.1
PageSize	integer	No	The number of entries to return on each page. Enumeration Value: 30 50 100	30
PageNumber	integer	No	The number of the page to return.	1
StartTime	string	Yes	The beginning of the time range to query. Specify the time in the yyyy-MM-ddTHH:mm:ssZ format. The time must be in UTC.	2019-03-24T12:10:00Z
EndTime	string	Yes	The end of the time range to query. The end time must be later than the start time. Specify the time in the yyyy-MM-ddTHH:mm:ssZ format. The time must be in UTC. Note We recommend that you specify a time range of 10 minutes or less because audit logs contain a great number of entries. Do not specify a time range that is longer than one day.	2019-03-25T12:10:00Z

Response parameters

Parameter	Type	Description	Example
	object
EndTime	string	The end time of the query.	2019-03-25T12:10:00Z
StartTime	string	The start time of the query.	2019-03-24T12:10:00Z
RequestId	string	The ID of the request.	9F5EB478-824E-4AC4-8D2B-58F31A02****
InstanceName	string	The name of the instance.	r-bp1zxszhcgatnx****
TotalRecordCount	integer	The total number of returned entries.	22222
PageNumber	integer	The page number of the returned page.	1
PageSize	integer	The maximum number of entries returned per page.	30
Items	array<object>	The collection of returned audit log entries.
SQL	object
HostAddress	string	The IP address of the client.	127.0.0.1
SQLText	string	The command that was run.	CONFIG GET maxmemory
DatabaseName	string	The database name.	demo
SQLType	string	The type of the command.	non_read_write
ExecuteTime	string	The time when the command was run.	2019-03-25T03:22:08Z
TotalExecutionTimes	string	The amount of time consumed to run the command.	0
NodeId	string	The ID of the node. Note A specific node ID is returned only if the instance uses the cluster or read/write splitting architecture.	r-bp1zxszhcgatnx****-db-0
AccountName	string	The username of the account.	demo
IPAddress	string	The IP address of the instance.	192.16.100.***

Examples

Sample success responses

JSONformat

{
  "EndTime": "2019-03-25T12:10:00Z",
  "StartTime": "2019-03-24T12:10:00Z",
  "RequestId": "9F5EB478-824E-4AC4-8D2B-58F31A02****",
  "InstanceName": "r-bp1zxszhcgatnx****",
  "TotalRecordCount": 22222,
  "PageNumber": 1,
  "PageSize": 30,
  "Items": {
    "SQL": [
      {
        "HostAddress": "127.0.0.1",
        "SQLText": "CONFIG GET maxmemory",
        "DatabaseName": "demo",
        "SQLType": "non_read_write",
        "ExecuteTime": "2019-03-25T03:22:08Z",
        "TotalExecutionTimes": "0",
        "NodeId": "r-bp1zxszhcgatnx****-db-0",
        "AccountName": "demo",
        "IPAddress": "192.16.100.***"
      }
    ]
  }
}

Error codes

HTTP status code	Error code	Error message	Description
400	IncorrectDBInstance.NotSupported	This instance do not support log audit.	This instance does not support audit log related services
400	InvalidEndTime.Invalid	pecified end time is before this service active time.	-
400	InvalidStartTime.Malformed	The Specified parameter StartTime is not valid.	-
400	InvalidEndTime.Malformed	The Specified parameter EndTime is not valid.	The end time is invalid. Specify the time in the yyyy-MM-ddTHH:mmZ format. The time must be in UTC. Example: 2011-06-11T16:00Z.
400	InvalidPageSize.Malformed	The specified parameter PageSize is not valid.	-
400	InvalidPageNumbers.Malformed	Specified page number is not valid.	-
400	InvalidQueryTime.Format	Specified query time is not valid.	-

For a list of error codes, visit the Service error codes.