Operation audit - Security Management| Alibaba Cloud Documentation Center

Data Management (DMS) provides the operation audit feature in addition to the basic features of operations log management. This way, you can identify and troubleshoot issues for databases with ease, and audit operations that are performed on the databases. You can also view and manage a list of SQL statements that are used in the SQLConsole, a ticket list, a logon list, and operations logs.

Features

The following table describes two modules of the operation audit feature in DMS, including Operation audit and Operation Logs.


Module	Description	Item
Operation Logs	Displays the logs of all operations that are performed in DMS.	Includes the logs of management and configuration operations, SQL statements that are used in the SQLConsole, tickets, and logon information.
Operation audit	Displays all operations that are performed on databases in DMS. Note This module provides a user interface (UI) for you to audit operations in a uniform manner. This helps you identify and troubleshoot issues for databases with ease.	Includes a list of SQL statements that are used in the SQLConsole, a ticket list, and a logon list.

Log data is permanently retained in DMS. This way, you can have access to and view the log data of instances whose control mode is Stable Change or Security Collaboration at any time.

Note You can view the log data of instances whose control mode is Flexible Management only in the last seven days. To view all log data, you can upgrade the control mode of the instances. For more information, see Service specification upgrade.

Use the operation audit feature

The following table describes multiple roles that you can assume to use the operation audit feature and how to go to the Operation audit tab in the DMS console.


Auditing dimension	Entry to operation audit	Supported role
Database You can view only the auditing records of operations that are performed on the current database.	On the SQLConsole tab of the database that you want to audit, click the icon in the upper-right corner. In the left-side navigation pane, click the instance where the database you want to audit resides, right-click the database, and then select Operation audit.	You can be a DMS administrator, a security administrator, a database administrator (DBA), an instance owner, or a common user. Note If you are a common user, you can view only the auditing records of operations that you perform on the current database.
Instance You can view only the auditing records of operations that are performed on the current instance.	In the left-side navigation pane, right-click the instance that you want to audit and select Operation audit.	You can be a DMS administrator, a security administrator, a DBA, an instance owner, or a common user. Note If you are a common user, you can view only the auditing records of operations that you perform on the current instance.
Global You can view the auditing records of all operations that are performed in DMS.	In the top navigation bar, choose System > Security > Operation audit.	You can be a DMS administrator, a security administrator, or a DBA.

View and download the auditing records of operations

This example shows you how to view and download a list of all SQL statements that are used in the SQLConsole in the last month.

Log on to the DMS console.
In the top navigation bar, choose System > Security > Operation audit.

By default, a list of SQL statements appears.
Set the Time parameter to Last One Month and click Search.
Then, the system returns search results.
Click the icon to download the results.

Then, the system exports an XLSX file that contains the search results on the current page.

Note To preview and export more results, you can set the Items per page parameter to 100.

Download operations logs

You can download operations logs only by calling the GetOpLog operation. For more information, see GetOpLog.