This topic describes how to collect RDS SQL audit logs by using the Log Service console.
- An ApsaraDB RDS instance is created.If an ApsaraDB RDS for PostgreSQL instance is
created, the SQL audit feature is enabled for the instance. If an ApsaraDB RDS for
MySQL instance is created, the SQL explorer feature of a paid edition is enabled for
- To create an ApsaraDB RDS for MySQL instance, see Create an ApsaraDB RDS for MySQL instance and SQL Explorer.
- To create an ApsaraDB RDS for PostgreSQL instance, see Create an ApsaraDB RDS for PostgreSQL instance and Enable and disable SQL Audit (database audit) on an ApsaraDB RDS for PostgreSQL instance.
- A Log Service project and Logstore are created in the region where the RDS instance resides. For more information, see Step 1: Create a project and a Logstore.
- Log on to the Log Service console.
- In the Import Data section, select RDS SQL Audit - Cloud Products.
- In the Specify Logstore step, select a project and Logstore, and click Next.
- In the Specify Data Source step, complete RAM authorization, enable the data shipping feature, and then click
- If you have not authorized Log Service to ship logs, click Authorize next to RAM, and complete the authorization as prompted.
- The destination ApsaraDB RDS instance may not appear on the prompted page or you may fail to enable the data shipping feature. This issue occurs when your ApsaraDB RDS instance does not meet the required conditions. For more information about how to check whether your ApsaraDB RDS instance meets the required conditions, see the Prerequisites section.
- In the Configure Query and Analysis step, click Next.The indexing feature is enabled for the Logstore where RDS SQL audit logs are stored. Indexes are configured for these audit logs. You can modify indexes as required. For more information, see Enable and configure the index feature for a Logstore.