All Products
Search
Document Center

Tair (Redis® OSS-Compatible):DescribeAuditRecords

最終更新日:Dec 19, 2024

Queries the audit logs of a Tair (Redis OSS-compatible) instance.

Operation description

This operation can be called up to 100 times per minute. You can also query audit logs in the ApsaraDB for Redis console. For more information, see Query audit logs of an instance.

Before you call this operation, make sure that the instance meets the following requirements:

  • The instance is an ApsaraDB for Redis Community Edition instance or an ApsaraDB for Redis Enhanced Edition (Tair) DRAM-based instance.
  • The engine version of the instance is Redis 4.0 or later.
  • The audit log feature is enabled for the instance. For more information, see ModifyAuditLogConfig .

Debugging

You can run this interface directly in OpenAPI Explorer, saving you the trouble of calculating signatures. After running successfully, OpenAPI Explorer can automatically generate SDK code samples.

Authorization information

The following table shows the authorization information corresponding to the API. The authorization information can be used in the Action policy element to grant a RAM user or RAM role the permissions to call this API operation. Description:

  • Operation: the value that you can use in the Action element to specify the operation on a resource.
  • Access level: the access level of each operation. The levels are read, write, and list.
  • Resource type: the type of the resource on which you can authorize the RAM user or the RAM role to perform the operation. Take note of the following items:
    • The required resource types are displayed in bold characters.
    • If the permissions cannot be granted at the resource level, All Resources is used in the Resource type column of the operation.
  • Condition Key: the condition key that is defined by the cloud service.
  • Associated operation: other operations that the RAM user or the RAM role must have permissions to perform to complete the operation. To complete the operation, the RAM user or the RAM role must have the permissions to perform the associated operations.
OperationAccess levelResource typeCondition keyAssociated operation
kvstore:DescribeAuditRecordsget
*DBInstance
acs:kvstore:{#regionId}:{#accountId}:instance/{#instanceId}
    none
none

Request parameters

ParameterTypeRequiredDescriptionExample
InstanceIdstringYes

The ID of the instance.

r-bp1zxszhcgatnx****
NodeIdstringNo

The ID of the node in the instance. You can set this parameter to query the data of a specified node.

Note
  • This parameter is available only for read/write splitting or cluster instances of ApsaraDB for Redis.

  • You can call the DescribeLogicInstanceTopology operation to query node IDs.

r-bp1zxszhcgatnx****-db-0
AccountNamestringNo

The username of the account. If you do not specify this parameter, this call applies to all accounts of the instance.

demo
DatabaseNamestringNo

The name of the database in the instance. If you do not specify this parameter, all databases are queried. Valid values: 0 to 255. 0 specifies the database 0.

0
QueryKeywordsstringNo

The keyword based on which the audit logs are queried. You can specify a command as a keyword to query logs. By default, all commands are queried.

Note You can specify only a single keyword in each call.
maxclients
HostAddressstringNo

The IP address of the client. If you do not specify this parameter, this call applies to all clients.

127.0.0.1
PageSizeintegerNo

The number of entries to return on each page.

Enumeration Value:
  • 30
  • 50
  • 100
30
PageNumberintegerNo

The number of the page to return.

1
StartTimestringYes

The beginning of the time range to query. Specify the time in the yyyy-MM-ddTHH:mm:ssZ format. The time must be in UTC.

2019-03-24T12:10:00Z
EndTimestringYes

The end of the time range to query. The end time must be later than the start time. Specify the time in the yyyy-MM-ddTHH:mm:ssZ format. The time must be in UTC.

Note We recommend that you specify a time range of 10 minutes or less because audit logs contain a great number of entries. Do not specify a time range that is longer than one day.
2019-03-25T12:10:00Z

Response parameters

ParameterTypeDescriptionExample
object
EndTimestring

The end time of the query.

2019-03-25T12:10:00Z
StartTimestring

The start time of the query.

2019-03-24T12:10:00Z
RequestIdstring

The ID of the request.

9F5EB478-824E-4AC4-8D2B-58F31A02****
InstanceNamestring

The name of the instance.

r-bp1zxszhcgatnx****
TotalRecordCountinteger

The total number of returned entries.

22222
PageNumberinteger

The page number of the returned page.

1
PageSizeinteger

The maximum number of entries returned per page.

30
Itemsarray<object>

The collection of returned audit log entries.

SQLobject
HostAddressstring

The IP address of the client.

127.0.0.1
SQLTextstring

The command that was run.

CONFIG GET maxmemory
DatabaseNamestring

The database name.

demo
SQLTypestring

The type of the command.

non_read_write
ExecuteTimestring

The time when the command was run.

2019-03-25T03:22:08Z
TotalExecutionTimesstring

The amount of time consumed to run the command.

0
NodeIdstring

The ID of the node.

Note A specific node ID is returned only if the instance uses the cluster or read/write splitting architecture.
r-bp1zxszhcgatnx****-db-0
AccountNamestring

The username of the account.

demo
IPAddressstring

The IP address of the instance.

192.16.100.***

Examples

Sample success responses

JSONformat

{
  "EndTime": "2019-03-25T12:10:00Z",
  "StartTime": "2019-03-24T12:10:00Z",
  "RequestId": "9F5EB478-824E-4AC4-8D2B-58F31A02****",
  "InstanceName": "r-bp1zxszhcgatnx****",
  "TotalRecordCount": 22222,
  "PageNumber": 1,
  "PageSize": 30,
  "Items": {
    "SQL": [
      {
        "HostAddress": "127.0.0.1",
        "SQLText": "CONFIG GET maxmemory",
        "DatabaseName": "demo",
        "SQLType": "non_read_write",
        "ExecuteTime": "2019-03-25T03:22:08Z",
        "TotalExecutionTimes": "0",
        "NodeId": "r-bp1zxszhcgatnx****-db-0",
        "AccountName": "demo",
        "IPAddress": "192.16.100.***"
      }
    ]
  }
}

Error codes

HTTP status codeError codeError messageDescription
400IncorrectDBInstance.NotSupportedThis instance do not support log audit.This instance does not support audit log related services
400InvalidEndTime.Invalidpecified end time is before this service active time.-
400InvalidStartTime.MalformedThe Specified parameter StartTime is not valid.-
400InvalidEndTime.MalformedThe Specified parameter EndTime is not valid.The end time is invalid. Specify the time in the yyyy-MM-ddTHH:mmZ format. The time must be in UTC. Example: 2011-06-11T16:00Z.
400InvalidPageSize.MalformedThe specified parameter PageSize is not valid.-
400InvalidPageNumbers.MalformedSpecified page number is not valid.-
400InvalidQueryTime.FormatSpecified query time is not valid.-

For a list of error codes, visit the Service error codes.