Viewing Audit Logs

Last updated: 2025-05-23 17:53:14

Viewing Audit Logs

Last updated: 2025-05-23 17:53:14

This document describes how to view database audit logs and their list field.      
Note:
If the audit mode is rule-based audit, log parsing errors may occur when an SQL statement contains non-ASCII binary characters or special characters. Log parsing is normal if the audit mode is full audit.
When an SQL statement exceeds 32 KB, it may be truncated in logs, which may cause log parsing errors.
SQL statements executed via functions and stored procedures are not recorded in the audit logs.
A new version of the audit log page was released on July 12, 2023. The new version added a new audit log search field "Scanned Rows". For existing audit logs before this release date, the data in this field will be displayed as "-", and the corresponding downloaded files and APIs will be displayed as "-1".
The unit of the audit log field "Execution Time" has been adjusted to microseconds in a unified manner in the console and downloaded audit log files.
The unit of the audit log field "CPU Time" has been adjusted to microseconds in a unified manner in the console and downloaded audit log files.
The field "Timestamp" in the audit log files supports displaying millisecond-level time.
When searching audit logs, the character used to separate multiple search items is changed from comma to line break.
After enabling database audit, the storage regions of audit log files for instances in Tianjin, Taipei (China), and Shenzhen are different. Refer to the table below for the corresponding storage regions.
Instance Region
Audit Log Storage Region
Tianjin
Beijing
Taipei (China)
Hong Kong (China)
Shenzhen
Guangzhou
Prerequisite        
You have enabled audit service. For more information, see Enabling Audit Service.
Viewing Audit Logs      
Note:   
The audit log display time is down to milliseconds, facilitating more precise sorting and problem analysis of SQL commands.
1. Log in to the TDSQL-C for MySQL console.
2. Click Database Audit on the left sidebar.
3. Select a region at the top, click the Audit Log Storage Status field on the Audit Instance page, and select Enabled to filter instances with the audit service enabled.
4. Find the target instance in the audit instance list, or search for it by resource attribute in the search box, and click View Audit Log in the Operation column to enter the Audit Log tab and view logs.
﻿
Tool list
Tool
Description
Refresh
Click 
﻿
 to refresh the audit log list.
Customize List Fields
Click 
﻿
 to select fields you want to display in the list.
Download
Click 
﻿
 to generate a log file. In the pop-up window, you can select the log fields to be included in the downloaded file. Available options are All fields and Interaction with customize list fields. If you select Interaction with customize list fields, the downloaded log file will only contain the fields displayed in the list, and the field order will be the same as that in the list.
File List
Click 
﻿
 to access the audit log file list. You can query the information and download address of files that have been generated or are being generated. You can copy the download address to download a file and obtain the complete SQL audit logs.
Currently, only Tencent Cloud private network addresses are provided for downloading log files. You can download files via a Tencent Cloud CVM instance in the same region. (For example, to download the audit logs of a database instance in the Beijing region, use a CVM instance in the Beijing region.)
Log files are valid for 24 hours. You should download them promptly.
The number of log files for each database instance should not exceed 30. You need to delete the log files after download.
If the displayed status is Failed, there may be too many logs. You can narrow the time range to download log files in batches.
Filtering and Search Conditions
In the audit instance filter box, you can choose to switch to other audit instances that have enabled the audit service.
In the time box, the last 1 hour is selected by default. You can quickly select another time period (last 3 hours, last 24 hours, or last 7 days), or enter a custom time period, to view relevant audit logs within the chosen time period. 
Note:
You can select any time period with data for search. Up to the first 60,000 eligible records can be displayed.
In the search box, select search conditions, such as SQL command details, client IP address, user account, database name, table name, error code, SQL type, risk level, execution time (μs), lock wait time (μs), I/O wait time (ns), transaction duration (μs), CPU time (μs), audit rule, thread ID, transaction ID, number of scanned rows, number of affected rows, and number of returned rows, and perform search to view related audit logs. Separate multiple keywords by line breaks.
Search Item
Operator
Description
SQL Details
Include-OR-Segment
Rule Description
Enter the details of the SQL command and separate multiple keywords by line break.
The match items in the SQL command details search box are divided into three levels. The first level sets the forward and reverse matching modes (Include, Exclude); the second level sets the logical relationship between keywords (OR, AND); the third level sets each keyword matching mode (Segment, Wildcard).
Note:
The search of SQL command details is case-insensitive.
Include and Exclude match modes are supported.
Keywords support "OR" and "AND" logical match. "OR" means a "union" relationship between different keywords, and "AND" means an "intersection" relationship between different keywords.
Each keyword supports two match modes: "segment" and "wildcard". "Segment" means that each keyword in the SQL command details needs to be accurately matched, and "wildcard" means that fuzzy match is supported for each keyword in the SQL command details.
Example
For example, if the SQL command details are SELECT * FROM test_db1 join test_db2 LIMIT 1;,
In the "Include (segment)" search mode, you can search by segment keywords such as "SELECT", "select  from", "", "SELECT * FROM test_db LIMIT 1;", "from Test_DB". However, you can't search by wildcard keywords such as "SEL", "sel", and "test".
In the "Include (wildcard)" search mode, you can't search by wildcard keywords such as "SEL", "sel", "test", and "DB".
In the "Include (AND)" search mode, multiple keywords are in an "AND" relationship, which means you can query all SQL commands containing "SELECT" and "test_db" by entering keywords such as "SELECT" and "test_db".
In the "Include (OR)" search mode, multiple keywords are in an "OR" relationship, which means you can query all SQL commands containing "test_db1" and "test_db2" by entering keywords such as "test_db1" and "test_db2".
﻿
Include-AND-Segment
﻿
﻿
E‌xclude-AND-Segment
﻿
﻿
‌Include-OR-Wildcard
﻿
﻿
‌Include-AND-Wildcard
﻿
﻿
‌E‌xclude-AND-Wildcard
﻿
Client IP
Include
Exclude
Equal to
Not equal to
You can filter client IP addresses by using the wildcard "" and separate them by line break. For example, if you enter "client IP: 9.223.23.2", IP addresses that start with "9.223.23.2" will be searched.  
User Account
Include
Exclude
Equal to
Not equal to
Enter a user account and separate multiple keywords by line break.
Database Name
Include
Exclude
Equal to
Not equal to
Enter a database name and separate multiple keywords by line break.
Note:
The search of database name is case-insensitive.
Table Name
Equal to
Not equal to
Enter a table name. Table name search instructions are as follows:
It is case-insensitive.
The search format is DbName.TableName.
For example: If the database test_db contains the table test_table, to search for the table test_table, you need to enter: table name equal to test_db.test_table.
Note:
You can record up to 64 table names.
For the field "Table Name", it is supported in TXSQL 2.1.13 and later, as well as TXSQL 3.1.15 and later. Other versions do not support it. If support is required, upgrade to a version that supports this field.
Error Code
Equal to
Not equal to
Enter an error code and separate multiple keywords by line break.
SQL Type
Equal to
Not equal to
Select an SQL type from the drop-down list. Available types: ALTER, CHANGEUSER, CREATE, DELETE, DROP, EXECUTE, INSERT, LOGOUT, OTHER, REPLACE, SELECT, SET, UPDATE, and PREPARE. Multiple types can be selected at the same time.
Note:
The SQL type "PREPARE" is supported only in TXSQL 5.7 2.1.11 and later versions, as well as TXSQL 8.0 3.1.11 and later versions. You can upgrade to supported versions if needed.
Risk Level
Include
Exclude
Select low, medium, or high risk to filter the audit logs that meet the risk level settings of the rule template.
It also supports empty inputs, which indicate filtering the audit logs without risk level tags in the historical inventory.
Execution Time (μs)
Range format
Enter an execution time in the format of M-N, such as 10-100 or 20-200.
Lock Wait Time (μs)
Range format
Enter a lock wait time in the format of M-N, such as 10-100 or 20-200.
IO Wait Time (ns)
Range format
Enter an IO wait time in the format of M-N, such as 10-100 or 20-200.
Transaction Duration (μs)
Range format
Enter a transaction duration in the format of M-N, such as 10-100 or 20-200.
CPU Time (μs)
Range format
Enter a CPU time in the format of M-N, such as 10-100 or 20-200.
Audit Rule
Include
Exclude
Display the template IDs and names of all rule templates in a specific region. You can filter the audit logs meeting a specific rule template.
Supports empty inputs, which indicate filtering the audit logs without audit rule tags and the full audit logs not meeting rules in the historical inventory.
Supports searching for audit rules by rule template ID and rule template name.
Supports choosing multiple rule templates simultaneously.
Thread ID
Equal to
Not equal to
Enter a thread ID and separate multiple keywords by line break.
Transaction ID
Equal to
Not equal to
Enter a transaction ID and separate multiple keywords by line break.
Note：
For the field "Transaction ID", it is supported in TXSQL 2.1.11 and later, as well as TXSQL 3.1.15 and later. Other versions do not support it. If support is required, upgrade to a version that supports this field.
Currently, a transaction ID is generated only when an explicit transaction is added, deleted, or modified. Implicit transactions do not have a transaction ID.
Scanned Rows
Range format
Enter a range of scanned rows in the format of M-N, such as 10-100 or 20-200.                
Affected Rows
Range format
Enter a range of affected rows in the format of M-N, such as 10-100 or 20-200.
Returned Rows
Range format
Enter a range of returned rows returned in the format of M-N, such as 10-100 or 20-200.
Audit Fields            
The audit logs of TDSQL-C for MySQL support the following fields.
No.
Field
Supported Kernel Version
Field Description
1
Time
TXSQL 5.7 ≥ 2.0.15
TXSQL 8.0 ≥ 3.0.1
Record the start time when the operation occurred (SQL execution).
2
Risk Level
-
The risk level of an operation, categorized as low risk, medium risk, and high risk. For full audit, the risk level of logs that do not meet any audit rules will be displayed as "-".
3
Client IP
TXSQL 5.7 ≥ 2.0.15
TXSQL 8.0 ≥ 3.0.1
 IP address of the client initiating a database operation.
4
Database Name
TXSQL 5.7 ≥ 2.0.15
TXSQL 8.0 ≥ 3.0.1
Name of the database involved in an operation.
5
User Account
TXSQL 5.7 ≥ 2.0.15
TXSQL 8.0 ≥ 3.0.1
User account executing an operation.
6
SQL Type
TXSQL 5.7 ≥ 2.0.15
TXSQL 8.0 ≥ 3.0.1
Type of SQL statements, such as SELECT, INSERT, UPDATE, and DELETE.
7
SQL Details
TXSQL 5.7 ≥ 2.0.15
TXSQL 8.0 ≥ 3.0.1
The specific SQL command text being executed.
8
Error Code
TXSQL 5.7 ≥ 2.0.15
TXSQL 8.0 ≥ 3.0.1
When an error occurs during the execution of an SQL statement, an error code is generated. The error code is an integer used to identify a specific error type, with 0 indicating success.
9
Thread ID
TXSQL 5.7 ≥ 2.0.15
TXSQL 8.0 ≥ 3.0.1
Unique thread ID for each client connected to a database, which is used to identify which client executed a specific operation.
10
Transaction ID
TXSQL 5.7 ≥ 2.1.13
TXSQL 8.0 ≥ 3.1.15
Unique ID for each transaction in the storage engine that supports transactions (such as InnoDB), which is used to identify a specific transaction.
11
Scanned Rows
TXSQL 5.7 ≥ 2.0.15
TXSQL 8.0 ≥ 3.0.1
The number of rows scanned in a database during query execution, which can help you understand the query efficiency.
12
Returned Rows
TXSQL 5.7 ≥ 2.0.15
TXSQL 8.0 ≥ 3.0.1
The number of rows returned in the query results, which can help you understand the result set size.
13
Affected Rows
TXSQL 5.7 ≥ 2.0.15
TXSQL 8.0 ≥ 3.0.1
The number of rows actually affected when a modification operation (such as INSERT, UPDATE, or DELETE) is performed on a data table, which can help you understand the impact scope of the operation.
14
Execution Time (μs)
TXSQL 5.7 ≥ 2.0.15
TXSQL 8.0 ≥ 3.0.1
The time from starting execution of an SQL statement to finishing it, in microseconds. This field can help you understand the query performance.
15
CPU Time (μs)
TXSQL 5.7 ≥ 2.0.15
TXSQL 8.0 ≥ 3.0.1
The time spent executing SQL statement on the CPU, in microseconds. This field can help you understand the CPU usage during the query.
16
Lock Wait Time (μs)
TXSQL 5.7 ≥ 2.0.15
TXSQL 8.0 ≥ 3.0.1
The time spent waiting to acquire the database lock, in microseconds. This field can help you understand the lock contention situation of the query.
17
IO Wait Time (ns)
TXSQL 5.7 ≥ 2.0.15
TXSQL 8.0 ≥ 3.0.1
The waiting spent waiting for an I/O operation to complete, in nanoseconds. This field can help you understand the I/O performance of the query.
18
Transaction Duration (μs)
TXSQL 5.7 ≥ 2.0.15
TXSQL 8.0 ≥ 3.0.1
The total time consumed for a transaction from start to submission or rollback, in microseconds. This field can help you understand the performance of the transaction.
19
Audit Rule
TXSQL 5.7 ≥ 2.0.15
TXSQL 8.0 ≥ 3.0.1
It displays the rule template that the audit log meets. Upon clicking the corresponding rule template, the details of the rule template will be displayed, including the basic information, the parameter settings, and the modification record.
The value of the audit rule for the audit logs in the historical inventory is displayed as "-".
The value of the audit rule for the audit logs that don't meet rules is displayed as "-".  
20
Table Name
TXSQL 5.7 ≥ 2.1.13
TXSQL 8.0 ≥ 3.1.15
Names of specific data tables involved in the operation (if any).
Relationship Between SQL Statement Type and SQL Statement Mapping Object               
No.
SQL Statement Type
SQL Statement Mapping Object
0
OTHER
All other SQL statement types except the following
1
SELECT
SQLCOM_SELECT
2
INSERT
SQLCOM_INSERT, SQLCOM_INSERT_SELECT
3
UPDATE
SQLCOM_UPDATE, SQLCOM_UPDATE_MULTI
4
DELETE
SQLCOM_DELETE, SQLCOM_DELETE_MULTI, SQLCOM_TRUNCATE
5
CREATE
SQLCOM_CREATE_TABLE, SQLCOM_CREATE_INDEX, SQLCOM_CREATE_DB, SQLCOM_CREATE_FUNCTION, SQLCOM_CREATE_USER, SQLCOM_CREATE_PROCEDURE, SQLCOM_CREATE_SPFUNCTION, SQLCOM_CREATE_VIEW, SQLCOM_CREATE_TRIGGER, SQLCOM_CREATE_SERVER, SQLCOM_CREATE_EVENT, SQLCOM_CREATE_ROLE, SQLCOM_CREATE_RESOURCE_GROUP, SQLCOM_CREATE_SRS
6
DROP
SQLCOM_DROP_TABLE, SQLCOM_DROP_INDEX, SQLCOM_DROP_DB, SQLCOM_DROP_FUNCTION, SQLCOM_DROP_USER, SQLCOM_DROP_PROCEDURE, SQLCOM_DROP_VIEW, SQLCOM_DROP_TRIGGER, SQLCOM_DROP_SERVER, SQLCOM_DROP_EVENT, SQLCOM_DROP_ROLE, SQLCOM_DROP_RESOURCE_GROUP, SQLCOM_DROP_SRS
7
ALTER
SQLCOM_ALTER_TABLE, SQLCOM_ALTER_DB, SQLCOM_ALTER_PROCEDURE, SQLCOM_ALTER_FUNCTION, SQLCOM_ALTER_TABLESPACE, SQLCOM_ALTER_SERVER, SQLCOM_ALTER_EVENT, SQLCOM_ALTER_USER, SQLCOM_ALTER_INSTANCE, SQLCOM_ALTER_USER_DEFAULT_ROLE, SQLCOM_ALTER_RESOURCE_GROUP
8
REPLACE
SQLCOM_REPLACE, SQLCOM_REPLACE_SELECT
9
SET
SQLCOM_SET_OPTION, SQLCOM_RESET, SQLCOM_SET_PASSWORD, SQLCOM_SET_ROLE, SQLCOM_SET_RESOURCE_GROUP
10
EXECUTE
SQLCOM_EXECUTE
11
LOGIN
Database login behavior, which is not constrained by audit rules and is recorded by default.
12
LOGOUT
Database logout behavior, which is not constrained by audit rules and is recorded by default.
13
CHANGEUSER
User change behavior, which is not constrained by audit rules and is recorded by default.
14
PREPARE
-

Was this page helpful?

You can also Contact Sales or Submit a Ticket for help.

Yes

Feedback

Instance Region	Audit Log Storage Region
Tianjin	Beijing
Taipei (China)	Hong Kong (China)
Shenzhen	Guangzhou

Tool	Description
Refresh	Click to refresh the audit log list.
Customize List Fields	Click to select fields you want to display in the list.
Download	Click to generate a log file. In the pop-up window, you can select the log fields to be included in the downloaded file. Available options are All fields and Interaction with customize list fields. If you select Interaction with customize list fields, the downloaded log file will only contain the fields displayed in the list, and the field order will be the same as that in the list.
File List	Click to access the audit log file list. You can query the information and download address of files that have been generated or are being generated. You can copy the download address to download a file and obtain the complete SQL audit logs. Currently, only Tencent Cloud private network addresses are provided for downloading log files. You can download files via a Tencent Cloud CVM instance in the same region. (For example, to download the audit logs of a database instance in the Beijing region, use a CVM instance in the Beijing region.) Log files are valid for 24 hours. You should download them promptly. The number of log files for each database instance should not exceed 30. You need to delete the log files after download. If the displayed status is Failed, there may be too many logs. You can narrow the time range to download log files in batches.

Search Item	Operator	Description
SQL Details	Include-OR-Segment	Rule Description Enter the details of the SQL command and separate multiple keywords by line break. The match items in the SQL command details search box are divided into three levels. The first level sets the forward and reverse matching modes (Include, Exclude); the second level sets the logical relationship between keywords (OR, AND); the third level sets each keyword matching mode (Segment, Wildcard). Note: The search of SQL command details is case-insensitive. Include and Exclude match modes are supported. Keywords support "OR" and "AND" logical match. "OR" means a "union" relationship between different keywords, and "AND" means an "intersection" relationship between different keywords. Each keyword supports two match modes: "segment" and "wildcard". "Segment" means that each keyword in the SQL command details needs to be accurately matched, and "wildcard" means that fuzzy match is supported for each keyword in the SQL command details. Example For example, if the SQL command details are `SELECT * FROM test_db1 join test_db2 LIMIT 1;`, In the "Include (segment)" search mode, you can search by segment keywords such as "SELECT", "select from", "", "SELECT * FROM test_db LIMIT 1;", "from Test_DB". However, you can't search by wildcard keywords such as "SEL", "sel", and "test". In the "Include (wildcard)" search mode, you can't search by wildcard keywords such as "SEL", "sel", "test", and "DB". In the "Include (AND)" search mode, multiple keywords are in an "AND" relationship, which means you can query all SQL commands containing "SELECT" and "test_db" by entering keywords such as "SELECT" and "test_db". In the "Include (OR)" search mode, multiple keywords are in an "OR" relationship, which means you can query all SQL commands containing "test_db1" and "test_db2" by entering keywords such as "test_db1" and "test_db2".
			Include-AND-Segment
			E‌xclude-AND-Segment
			‌Include-OR-Wildcard
			‌Include-AND-Wildcard
			‌E‌xclude-AND-Wildcard
Client IP	Include Exclude Equal to Not equal to	You can filter client IP addresses by using the wildcard "" and separate them by line break. For example, if you enter "client IP: 9.223.23.2", IP addresses that start with "9.223.23.2" will be searched.
User Account	Include Exclude Equal to Not equal to	Enter a user account and separate multiple keywords by line break.
Database Name	Include Exclude Equal to Not equal to	Enter a database name and separate multiple keywords by line break. Note: The search of database name is case-insensitive.
Table Name	Equal to Not equal to	Enter a table name. Table name search instructions are as follows: It is case-insensitive. The search format is DbName.TableName. For example: If the database test_db contains the table test_table, to search for the table test_table, you need to enter: table name equal to test_db.test_table. Note: You can record up to 64 table names. For the field "Table Name", it is supported in TXSQL 2.1.13 and later, as well as TXSQL 3.1.15 and later. Other versions do not support it. If support is required, upgrade to a version that supports this field.
Error Code	Equal to Not equal to	Enter an error code and separate multiple keywords by line break.
SQL Type	Equal to Not equal to	Select an SQL type from the drop-down list. Available types: ALTER, CHANGEUSER, CREATE, DELETE, DROP, EXECUTE, INSERT, LOGOUT, OTHER, REPLACE, SELECT, SET, UPDATE, and PREPARE. Multiple types can be selected at the same time. Note: The SQL type "PREPARE" is supported only in TXSQL 5.7 2.1.11 and later versions, as well as TXSQL 8.0 3.1.11 and later versions. You can upgrade to supported versions if needed.
Risk Level	Include Exclude	Select low, medium, or high risk to filter the audit logs that meet the risk level settings of the rule template. It also supports empty inputs, which indicate filtering the audit logs without risk level tags in the historical inventory.
Execution Time (μs)	Range format	Enter an execution time in the format of M-N, such as 10-100 or 20-200.
Lock Wait Time (μs)	Range format	Enter a lock wait time in the format of M-N, such as 10-100 or 20-200.
IO Wait Time (ns)	Range format	Enter an IO wait time in the format of M-N, such as 10-100 or 20-200.
Transaction Duration (μs)	Range format	Enter a transaction duration in the format of M-N, such as 10-100 or 20-200.
CPU Time (μs)	Range format	Enter a CPU time in the format of M-N, such as 10-100 or 20-200.
Audit Rule	Include Exclude	Display the template IDs and names of all rule templates in a specific region. You can filter the audit logs meeting a specific rule template. Supports empty inputs, which indicate filtering the audit logs without audit rule tags and the full audit logs not meeting rules in the historical inventory. Supports searching for audit rules by rule template ID and rule template name. Supports choosing multiple rule templates simultaneously.
Thread ID	Equal to Not equal to	Enter a thread ID and separate multiple keywords by line break.
Transaction ID	Equal to Not equal to	Enter a transaction ID and separate multiple keywords by line break. Note： For the field "Transaction ID", it is supported in TXSQL 2.1.11 and later, as well as TXSQL 3.1.15 and later. Other versions do not support it. If support is required, upgrade to a version that supports this field. Currently, a transaction ID is generated only when an explicit transaction is added, deleted, or modified. Implicit transactions do not have a transaction ID.
Scanned Rows	Range format	Enter a range of scanned rows in the format of M-N, such as 10-100 or 20-200.
Affected Rows	Range format	Enter a range of affected rows in the format of M-N, such as 10-100 or 20-200.
Returned Rows	Range format	Enter a range of returned rows returned in the format of M-N, such as 10-100 or 20-200.

No.	Field	Supported Kernel Version	Field Description
1	Time	TXSQL 5.7 ≥ 2.0.15 TXSQL 8.0 ≥ 3.0.1	Record the start time when the operation occurred (SQL execution).
2	Risk Level	-	The risk level of an operation, categorized as low risk, medium risk, and high risk. For full audit, the risk level of logs that do not meet any audit rules will be displayed as "-".
3	Client IP	TXSQL 5.7 ≥ 2.0.15 TXSQL 8.0 ≥ 3.0.1	IP address of the client initiating a database operation.
4	Database Name	TXSQL 5.7 ≥ 2.0.15 TXSQL 8.0 ≥ 3.0.1	Name of the database involved in an operation.
5	User Account	TXSQL 5.7 ≥ 2.0.15 TXSQL 8.0 ≥ 3.0.1	User account executing an operation.
6	SQL Type	TXSQL 5.7 ≥ 2.0.15 TXSQL 8.0 ≥ 3.0.1	Type of SQL statements, such as SELECT, INSERT, UPDATE, and DELETE.
7	SQL Details	TXSQL 5.7 ≥ 2.0.15 TXSQL 8.0 ≥ 3.0.1	The specific SQL command text being executed.
8	Error Code	TXSQL 5.7 ≥ 2.0.15 TXSQL 8.0 ≥ 3.0.1	When an error occurs during the execution of an SQL statement, an error code is generated. The error code is an integer used to identify a specific error type, with 0 indicating success.
9	Thread ID	TXSQL 5.7 ≥ 2.0.15 TXSQL 8.0 ≥ 3.0.1	Unique thread ID for each client connected to a database, which is used to identify which client executed a specific operation.
10	Transaction ID	TXSQL 5.7 ≥ 2.1.13 TXSQL 8.0 ≥ 3.1.15	Unique ID for each transaction in the storage engine that supports transactions (such as InnoDB), which is used to identify a specific transaction.
11	Scanned Rows	TXSQL 5.7 ≥ 2.0.15 TXSQL 8.0 ≥ 3.0.1	The number of rows scanned in a database during query execution, which can help you understand the query efficiency.
12	Returned Rows	TXSQL 5.7 ≥ 2.0.15 TXSQL 8.0 ≥ 3.0.1	The number of rows returned in the query results, which can help you understand the result set size.
13	Affected Rows	TXSQL 5.7 ≥ 2.0.15 TXSQL 8.0 ≥ 3.0.1	The number of rows actually affected when a modification operation (such as INSERT, UPDATE, or DELETE) is performed on a data table, which can help you understand the impact scope of the operation.
14	Execution Time (μs)	TXSQL 5.7 ≥ 2.0.15 TXSQL 8.0 ≥ 3.0.1	The time from starting execution of an SQL statement to finishing it, in microseconds. This field can help you understand the query performance.
15	CPU Time (μs)	TXSQL 5.7 ≥ 2.0.15 TXSQL 8.0 ≥ 3.0.1	The time spent executing SQL statement on the CPU, in microseconds. This field can help you understand the CPU usage during the query.
16	Lock Wait Time (μs)	TXSQL 5.7 ≥ 2.0.15 TXSQL 8.0 ≥ 3.0.1	The time spent waiting to acquire the database lock, in microseconds. This field can help you understand the lock contention situation of the query.
17	IO Wait Time (ns)	TXSQL 5.7 ≥ 2.0.15 TXSQL 8.0 ≥ 3.0.1	The waiting spent waiting for an I/O operation to complete, in nanoseconds. This field can help you understand the I/O performance of the query.
18	Transaction Duration (μs)	TXSQL 5.7 ≥ 2.0.15 TXSQL 8.0 ≥ 3.0.1	The total time consumed for a transaction from start to submission or rollback, in microseconds. This field can help you understand the performance of the transaction.
19	Audit Rule	TXSQL 5.7 ≥ 2.0.15 TXSQL 8.0 ≥ 3.0.1	It displays the rule template that the audit log meets. Upon clicking the corresponding rule template, the details of the rule template will be displayed, including the basic information, the parameter settings, and the modification record. The value of the audit rule for the audit logs in the historical inventory is displayed as "-". The value of the audit rule for the audit logs that don't meet rules is displayed as "-".
20	Table Name	TXSQL 5.7 ≥ 2.1.13 TXSQL 8.0 ≥ 3.1.15	Names of specific data tables involved in the operation (if any).

No.	SQL Statement Type	SQL Statement Mapping Object
0	OTHER	All other SQL statement types except the following
1	SELECT	SQLCOM_SELECT
2	INSERT	SQLCOM_INSERT, SQLCOM_INSERT_SELECT
3	UPDATE	SQLCOM_UPDATE, SQLCOM_UPDATE_MULTI
4	DELETE	SQLCOM_DELETE, SQLCOM_DELETE_MULTI, SQLCOM_TRUNCATE
5	CREATE	SQLCOM_CREATE_TABLE, SQLCOM_CREATE_INDEX, SQLCOM_CREATE_DB, SQLCOM_CREATE_FUNCTION, SQLCOM_CREATE_USER, SQLCOM_CREATE_PROCEDURE, SQLCOM_CREATE_SPFUNCTION, SQLCOM_CREATE_VIEW, SQLCOM_CREATE_TRIGGER, SQLCOM_CREATE_SERVER, SQLCOM_CREATE_EVENT, SQLCOM_CREATE_ROLE, SQLCOM_CREATE_RESOURCE_GROUP, SQLCOM_CREATE_SRS
6	DROP	SQLCOM_DROP_TABLE, SQLCOM_DROP_INDEX, SQLCOM_DROP_DB, SQLCOM_DROP_FUNCTION, SQLCOM_DROP_USER, SQLCOM_DROP_PROCEDURE, SQLCOM_DROP_VIEW, SQLCOM_DROP_TRIGGER, SQLCOM_DROP_SERVER, SQLCOM_DROP_EVENT, SQLCOM_DROP_ROLE, SQLCOM_DROP_RESOURCE_GROUP, SQLCOM_DROP_SRS
7	ALTER	SQLCOM_ALTER_TABLE, SQLCOM_ALTER_DB, SQLCOM_ALTER_PROCEDURE, SQLCOM_ALTER_FUNCTION, SQLCOM_ALTER_TABLESPACE, SQLCOM_ALTER_SERVER, SQLCOM_ALTER_EVENT, SQLCOM_ALTER_USER, SQLCOM_ALTER_INSTANCE, SQLCOM_ALTER_USER_DEFAULT_ROLE, SQLCOM_ALTER_RESOURCE_GROUP
8	REPLACE	SQLCOM_REPLACE, SQLCOM_REPLACE_SELECT
9	SET	SQLCOM_SET_OPTION, SQLCOM_RESET, SQLCOM_SET_PASSWORD, SQLCOM_SET_ROLE, SQLCOM_SET_RESOURCE_GROUP
10	EXECUTE	SQLCOM_EXECUTE
11	LOGIN	Database login behavior, which is not constrained by audit rules and is recorded by default.
12	LOGOUT	Database logout behavior, which is not constrained by audit rules and is recorded by default.
13	CHANGEUSER	User change behavior, which is not constrained by audit rules and is recorded by default.
14	PREPARE	-

tencent cloud

Prerequisite

Viewing Audit Logs

Tool list

Filtering and Search Conditions

Audit Fields

Relationship Between SQL Statement Type and SQL Statement Mapping Object