This topic describes the SQL audit function. You can use this function to audit SQL executions and check the details. Enabling SQL audit does not affect the instance performance.

Precautions

  • You cannot view the records that were generated before SQL audit is enabled.
  • Enabling SQL audit does not affect the instance performance.
  • SQL audit records are retained for 30 days.
  • Files exported from SQL audit can be retained for two days. The system deletes the files that are older than two days.
  • The SQL audit is disabled by default. When this feature is enabled, the instance incurs additional fees. For more information, see ApsaraDB for RDS pricing.

Enable SQL audit

  1. Log on to the ApsaraDB for RDS console.
  2. In the upper-left corner of the page, select the region where the instance is located.选择地域
  3. Find the instance and click the instance ID.
  4. In the left-side navigation pane, click Data Security.
  5. Select the SQL Audit tab, and click Enable SQL Audit Log. 开启SQL审计
  6. In the message box that appears, click OK.

    After enabling SQL audit, you can query SQL information based on criteria such as time, database, user, and other key words.

Disable SQL audit

You can disable the SQL audit feature when you do not need to audit SQL to save costs. To disable SQL audit, follow these steps:

Note When the SQL audit feature is disabled, all the SQL audit records are cleared. We recommend that you export and store the audit records locally before disabling SQL audit.
  1. Log on to the ApsaraDB for RDS console.
  2. In the upper-left corner of the page, select the region where the instance is located.选择地域
  3. Find the instance and click the instance ID.
  4. In the left-side navigation pane, click Data Security.
  5. Select the SQL Audit tab, click Export, and then store the exported file locally.
  6. After the file is exported, click Disable SQL Audit Log. 关闭SQL审计
  7. In the message box that appears, click OK.