TDSQL for MySQL has database audit capability, which can record access to databases and executions of SQL statements to help you manage risks and improve the database security.
Enabling SQL Audit
1. Log in to the TDSQL for MySQL console, select Database Audit on the left sidebar, select a region at the top, click the Audit Instance tab, and click Disabled to filter audit-disabled instances.
Note:
Alternatively, in Audit Instance on the Audit Log tab, directly search for audit-disabled instances and then enable audit for them.
2. On the Audit Instance tab, click the ID of the target instance to enter the enablement page, indicate your consent to the agreement, and click Enable Now.
Note:
You can select 7 days, 30 days, 3 months, 6 months, 1 year, 3 years, or 5 years as the audit log retention period. You can also modify it in the console after enabling audit. For more information, see Modifying Log Retention Period.
In order to meet the security compliance requirements for the retention period of SQL logs, we recommend you select 180 days or above.
Viewing Audit Log
After enabling audit, you can view SQL audit logs on the Audit Log tab. For more information, see Viewing Audit Logs
