Log Service is integrated with ApsaraDB Relational Database Service (RDS) for MySQL to analyze SQL execution logs in a quasi-real-time manner. It provides drill-down reports, custom audit rules, and alerts upon exceptions. You can also subscribe to reports and use Log Service together with other data solutions.

Background

A database is the core of an enterprise's business. You need to record and audit database operations, especially all SQL execution operations. In addition, database SQL execution logs provide information such as performance, execution results, and classification, which play a critical role in troubleshooting and online performance optimization.

Log Service is integrated with RDS to analyze SQL execution logs in a quasi-real-time manner.

Complete SQL execution logs

SQL execution logs record all SQL operations performed on a database. RDS collects SQL execution logs through network listening, which has little impact on actual execution performance. SQL execution logs include but are not limited to the following types of SQL operations and information:
  • Database logon and logoff
  • Data definition language (DDL): SQL statements that define the database structure, such as CREATE, ALTER DROP, TRUNCATE, and COMMENT
  • Data manipulation language (DML): SQL operation statements, such as SELECT, INSERT, UPDATE, and DELETE
  • Other SQL operations performed after SQL statements are run, such as rollback and control
  • Failed SQL operations
  • SQL execution latency, execution results, and number of affected rows

Benefits

Sending real-time SQL execution logs from RDS to Log Service brings the following benefits:
  • Simple: simplifies configuration and allows you to easily collect SQL execution logs and import them to Log Service in quasi-real time.
  • Reliable: has no impact on the performance of existing databases. Data is imported in quasi-real time with a latency of several minutes.
  • Comprehensive: records not only executed SQL statements but also database logon, failed data execution, latency, and impact results. This allows you to master database execution status, performance, and potential security issues.
  • Powerful: provides real-time log analysis, an out-of-the-box report center, and custom configuration.
  • Flexible: supports quasi-real-time monitoring, alerting, and report subscription based on specific metrics to ensure timely response to critical business exceptions. Log Service can collaborate with other data solutions such as stream computing, cloud storage, and visualization to dig up more data value. Log Service also provides one-stop services, including machine learning, custom reports, and data processing.
  • Cost-effective: charges only about USD 0.028/day to store 10 million SQL execution logs for one month.

Limits

  • You must activate Alibaba Cloud Log Service to use the SQL audit and analysis features.
  • You must activate Alibaba Cloud RDS and create an RDS for MySQL instance that supports the SQL audit or SQL Explorer feature.
  • You must enable the SQL audit feature of the RDS standard edition before enabling log data import in the Log Service console. If you enable the SQL audit feature of the trial edition, you may fail to enable log data import.
  • The following table describes the RDS instance type for which logs can be automatically sent to Log Service.
    Item Description Remarks
    Type MySQL Other types are not supported.
    Region China (Beijing), China (Shanghai), China (Hangzhou), China (Shenzhen), China (Hong Kong), and China (Qingdao) Other regions are not available.
    Version 5.5, 5.6, 5.7, and 8.0 V8.0 is a beta version.
    Edition High-availability edition and finance edition N/A
    Storage type Local SSD N/A
  • Currently, RDS can send logs only to Log Service projects in the same region. For example, logs of an RDS instance in China (Beijing) can only be sent to a Log Service Logstore in China (Beijing).
  • Do not modify the default dashboard configuration. Default dashboards are automatically updated with the upgrade of features.

Target customers

  • Compliance: large enterprises and institutions that have higher compliance requirements for storage of SQL execution logs, such as financial companies and government agencies.
  • Advanced O&M: enterprises, such as Internet service enterprises and financial companies, that need to use the real-time interactive statistics, query analysis, and alerting features of Log Service to monitor database status in real time and quickly troubleshoot performance, reliability, and stability exceptions in business.
  • Security: companies, such as financial, securities, e-commerce, and games companies, that need to use the real-time query and analysis features of Log Service to audit database security and assist in data security protection and post-event troubleshooting.
  • Behavior analysis: companies that need to analyze database operations, use the statistics and query results as reference to further optimize and verify performance, features, and experience, and connect to external systems for further in-depth analysis.

Scenarios

  • Interactive analysis of SQL execution logs

    You can troubleshoot database access exceptions and analyze problems in quasi-real time, view read/write latency, and understand the regional distribution of access clients.

  • Security analysis

    You can view abnormal deletion of important tables, SQL attacks, and SQL injection on dashboards.You can also customize SQL execution audit and alerting rules based on log query and analysis results for timely processing. Log Service supports multiple alerting modes, such as DingTalk and SMS, and provides custom alert content templates.

  • Overall access monitoring

    You can view the overall access monitoring status and O&M reliability metrics on dashboards, and use the metrics to build your own dashboard.

  • Operational analysis

    You can view active databases and tables, and the addition, modification, and deletion of key data.