Data Management (DMS) provides the sensitive data audit feature to record the use of sensitive data in DMS. This prevents the abnormal use of sensitive data and helps track data leakages.

Overview

  • Involved features

    Data query and data change in the SQLConsole, data result set export, database export, and regular data change

  • Entry points
    • In the top navigation bar of the DMS console, click Security and Specifications. In the left-side navigation pane, choose Sensitive Data Management > Sensitive Data Audit. For more information, see the Entry point 1: Sensitive Data Audit page section in this topic.
    • In the top navigation bar of the DMS console, click Security and Specifications. In the left-side navigation pane, click Operation Audit. Then, click the Operation Logs tab. For more information, see the Entry point 2: Operation Logs tab section in this topic.

Entry point 1: Sensitive Data Audit page

  1. Log on to the DMS console V5.0.
  2. In the top navigation bar, click Security and Specifications. In the left-side navigation pane, choose Sensitive Data > Sensitive Data Audit.
  3. On the Sensitive Data Audit page, you can set the Function, User name, Time, Database Name, Table name, and Column name parameters and click Search to search for audit logs.
    Note By default, DMS displays the audit logs in the last day.
    In the audit logs, you can view the operator, involved feature, time when the operation was performed, database name, source IP address, and number of each ticket or task.
  4. Optional:Click the Plus icon icon before a ticket or task to view its details such as the names of the tables that contain sensitive data, names of sensitive fields, sensitivity levels, user permissions, and configured de-identification algorithms.

Entry point 2: Operation Logs tab

  1. Log on to the DMS console V5.0.
  2. In the top navigation bar, click Security and Specifications. In the left-side navigation pane, click Operation Audit.
  3. Click the Operation Logs tab.
  4. View the audit logs of sensitive data. A ticket or task that involves sensitive data is identified as Sensitive in the Ticket/Task column.
  5. In the Ticket/Task column, move the pointer over Sensitive. In the message that appears, click here.
    In the Details dialog box, view the details of the ticket or task, such as the names of the tables that contain sensitive data, names of sensitive fields, sensitivity levels, user permissions, and configured de-identification algorithms.