After you enable the audit log feature of Tair (Redis OSS-compatible), you can query the records of data writes, updates, and deletions in audit logs. You can also use audit logs to troubleshoot issues or analyze performance-related events, such as a sudden increase in resource consumption by an instance.
Prerequisites
To enable the audit log feature, a Resource Access Management (RAM) user must have the permissions to manage Simple Log Service.
You can attach the AliyunLogFullAccess system policy to a RAM user. After the RAM user is granted the permissions defined in the system policy, the RAM user can manage all Logstores. For more information, see Grant permissions to a RAM user.
You can also customize a policy to restrict the RAM user to only manage the audit logs of Tair (Redis OSS-compatible) instances.
Background information
When you want to view database access records, investigate the cause of a sudden increase in resource consumption by a Tair (Redis OSS-compatible) instance, or trace records of data being modified or deleted, the audit logs from Tair (Redis OSS-compatible) can provide you with detailed clues.
View audit logs
Log on to the console and go to the Instances page. In the top navigation bar, select the region in which the instance is deployed. Then, find the instance and click its ID.
In the left-side navigation pane, choose .
On the Audit Logs page, view the audit log information of the instance.
Filter the audit logs of an instance
Tair (Redis OSS-compatible) allows you to view the audit logs that meet specified filter conditions.
Log on to the console and go to the Instances page. In the top navigation bar, select the region in which the instance that you want to manage resides. Then, find the instance and click the instance ID.
In the left-side navigation pane, choose .
On the Audit Logs page, specify conditions to filter audit logs.
Table 1. Filter conditions
Filter condition
Description
Keyword
The keywords that are included in the audit logs you want to view. A keyword can be a client IP address, a command, a username, or other extended information.
NoteThe Keyword field supports exact match. You must enter complete information in the Keyword field. Examples:
If you want to specify an IPv4 address as a keyword, you must enter a complete IP address such as 192.168.1.1, not a partial IP address such as 192.168 or 1.1.
If you want to specify a command as a keyword, you must enter a complete command such as AUTH or auth, not a partial command such as au.
If a keyword contains a colon (:), you must enclose the keyword in a pair of double quotation marks (""). Example: "userId:1".
Type
The type of audit logs. Valid values:
redis_audit_log: the audit logs of data shards.
redis_proxy_audit_log: the audit logs of proxy nodes.
NoteThis parameter is available only if the instance uses the read/write splitting architecture or the cluster architecture in proxy mode. By default, the console displays the IP addresses of proxy nodes for cluster and read/write splitting instances. To obtain the IP address of your cluster or read/write splitting instance, set ptod_enabled to 1. For more information, see Configure instance parameters.
Account
The account used to connect to the instance. Default value: null. For more information about accounts, see Create and manage database accounts.
Client IP address
The client IP address used to connect to the instance.
DB
The database whose audit logs you want to query.
View the audit logs of an instance over a specified time range
You can use the time picker to specify a time range to query.
Log on to the console and go to the Instances page. In the top navigation bar, select the region in which the instance that you want to manage resides. Then, find the instance and click the instance ID.
In the left-side navigation pane, choose .
On the Audit Logs page, click Time Range.
Specify a time range to query audit logs.
Related API operations
API operation | Description |
Enables or disables the audit log feature and specifies a retention period for audit logs. | |
Queries the audit log configurations of an instance. The configurations include whether the audit log feature is enabled and the retention period of audit logs. | |
Queries the audit logs of an instance. |