tencent cloud

PrevNext

Feedback

search by keyword

Recent Pages

Documentation
TencentDB for MySQL
    Documentation
    Download PDF

    Enabling Audit Service

    Last updated: 2023-11-28 19:28:15
    Download PDF
      Tencent Cloud provides database audit capabilities for TencentDB for MySQL, which can record accesses to databases and executions of SQL statements to help you manage risks and improve the database security.
      Note
      TencentDB for MySQL supports database audit feature in the following versions: MySQL 5.6 20180101 and later, MySQL 5.7 20190429 and later, MySQL 8.0 20210330 and later on two-node and three-node architectures. However, this feature is currently unavailable on MySQL 5.5 and TencentDB for MySQL instances on single-node architecture.

      Prerequisite

      You have created a MySQL instance. For more information, see Creating MySQL Instance.
      To utilize the rule audit feature, please submit a service ticket.
      The event alarm function is currently only available in Beijing, Shanghai, Guangzhou, Chengdu, and Singapore regions. To use it, please submit a service ticket.
      For instances with a full audit type, if you need to set risk levels and alarm strategies for audit logs, please submit a service ticket.

      Directions

      1. Log in to the TencentDB for MySQL console.
      2. On the left sidebar, click Database Audit.
      3. Select a region at the top, click the Audit Instance tab, and click Disabled to filter audit-disabled instances.
      
      4. Find the target instance in the audit instance list, or search for it by resource attribute in the search box, and click Enable Database Audit in the Operation column.
      Note
      You can batch enable the audit service for multiple target instances by selecting them in the audit instance list and clicking Enable Database Audit above the list.
      
      5. On the Enable Database Audit page, configure Select Audit Instance, Audit Rule Settings, Configure Audit, read and indicate your consent to the Tencent Cloud Terms of Service, and click OK.
      5.1 Audit instance selection In the Select Audit Instance section, all instances selected in step 4 are selected by default. You can select other or more target instances in this window or search for target instances by instance ID/name in the search box. Then, set the audit rule.
      
      5.2 Audit rule settings In the Audit Rule Settings section, select Full Audit or Rule-Based Audit. Their differences are as detailed below:
      Parameter
      Description
      Full audit
      Full audit records all database accesses and SQL statement executions.
      Rule-based audit
      Rule auditing will chronicle the access to the database and the execution of SQL statements, in accordance with the bespoke audit rules.
      
      When the audit type is set to full audit
      , there are two actual operational scenarios in the console, for which you may refer to the corresponding procedures.
      Example One: Unutilized Risk Level and Alert Strategy
      Example Two: Utilized Risk Level and Alert Strategy
      After selecting Full Audit as the audit type, you can directly proceed to the Audit Service Configuration step.
      5.2.1 Choose from existing rule templates or decide to create a new rule template. For detailed steps on creating a new template, please refer to Creating Rule Templates.
      5.2.2 After completing the rule template configuration, proceed to the Audit Service Configuration step.
      Note:
      You may apply up to five rule templates, and the relationship between different rule templates is of 'or' nature.
      The rule templates are intended for instances with 'Full Audit' type, serving the sole purpose of assigning risk levels and alert policies to audit logs that match the rules of the template. The audit logs that do not match the rules will still be preserved.
      
      If you select Rule-Based Audit, you need to select Create rule or Select from rule templates. If you select an existing rule from rule templates, you can directly configure audit. If there are no appropriate rule templates, you can create a new one, refresh the page, and select it. For detailed directions, see Creating Rule Template.
      Note
      You may apply up to five rule templates, with the relationship between different rule templates being "or".
      Rule templates are targeted at instances with the audit type of "rule audit". They are used for retaining audit logs that hit the template rules, setting risk levels, and establishing alarm strategies. Audit logs that do not hit the rule content are no longer retained.
      5.3 
      Audit service settings
      In the Configure Audit section, set Log Retention Period, Frequent Access Storage Period, and Infrequent Access Storage Period, read and indicate your content to the Tencent Cloud Terms of Service, and click OK.
      
      Parameter
      Description
      Log Retention Period
      The audit log retention period in days, which can be 7, 30, 90, 180, 365, 1,095, or 1,825 days.
      Frequent Access Storage Period
      Frequent access storage has the best query performance as it uses ultra-high-performance storage media. Audit data is initially stored in frequent access storage for the time period specified here, after which it is automatically transitioned to infrequent access storage. These two storage types only differ in performance but both support auditing. For example, if the log retention period is set to 30 days, and frequent access storage period is set to 7 days, then the infrequent access storage period will be 23 days by default.
      
      Contact Us

      Contact our sales team or business advisors to help your business.

      Contact Us
      Technical Support

      Open a ticket if you're looking for further assistance. Our Ticket is 7x24 avaliable.

      Submit a Ticket
      7x24 Phone Support
      Copyright © 2013-2024 Tencent Cloud. All Rights Reserved.
      Privacy PolicyLegalCookie Policy