Cloud Monitor and Hologres jointly launch CloudLens for Hologres to manage Hologres instances and collect SQL audit logs for Hologres in a centralized manner. This topic describes the costs, features, assets, and limits of CloudLens for Hologres.
Billing
CloudLens for Hologres is in public preview and is free of charge.
Features
CloudLens for Hologres supports the following features:
Centralized management of all Hologres instances that meet the specified conditions within your Alibaba Cloud account. For more information about the conditions, see Limits.
Enabling of Hologres SQL audit log collection and centralized log collection management.
Real-time storage, query, and analysis of Hologres SQL audit logs.
Various visual reports for Hologres SQL auditing.
Assets
After CloudLens for Hologres is enabled, Cloud Monitor creates a Simple Log Service project named aliyun-product-data-ID of your Alibaba Cloud account-Region ID and a Logstore named hologres_audit_log in the corresponding region by default.
The Logstore hologres_audit_log is used to store Hologres SQL audit logs. Audit logs are used to review operations and ensure security compliance.
Audit logs help security auditors obtain information such as operator identities and time of data operations, and identify internal risks such as abuse of permissions and execution of non-compliant commands. Audit logs help business systems meet audit requirements to ensure security compliance.
Limits
Only logs for the Hologres instances that meet the following log collection conditions are supported:
The audit log feature is enabled.
Hologres r2.2.0 and later are supported, and the minor version of the instance must be the latest one.
The following table describes the regions supported by CloudLens for Hologres.
Cloud type
Region
Supported regions on the Alibaba Cloud public cloud
China (Hangzhou), China (Beijing), China (Shenzhen), China (Shanghai), China (Zhangjiakou), China (Hong Kong), Singapore, Germany (Frankfurt), Indonesia (Jakarta), US (Silicon Valley), US (Virginia), Japan (Tokyo), and Malaysia (Kuala Lumpur)
Supported regions on Alibaba Finance Cloud
China East 2 Finance and China South 1 Finance
Supported regions on Alibaba Gov Cloud
China North 2 Ali Gov
Precautions
When you enable or use the CloudLens feature, the system checks whether a Simple Log Service project exists within your Alibaba Cloud account. The following part describes the detection logic:
If you enable the CloudLens feature for the first time, the system automatically checks whether a Simple Log Service project exists within your Alibaba Cloud account. If no project exists, the system creates a project named
aliyun-product-data-ID of your Alibaba Cloud account-cn-heyuanin the China (Heyuan) region.If you have enabled the CloudLens feature, the system only automatically checks whether a Log Service project exists within your Alibaba Cloud account. If no project exists, the system does not create a project in the China (Heyuan) region. In this case, you can manually create a project. For more information about how to create a project, see Manage a project.
Delete a project
If you want to delete the aliyun-product-data-ID of your Alibaba Cloud account-cn-heyuan project, you can run the following command in Cloud Shell. Replace the ID of your Alibaba Cloud account with the actual ID.
aliyunlog log delete_project --project_name=aliyun-product-data-ID of your Alibaba Cloud account-cn-heyuan --region-endpoint=cn-heyuan.log.aliyuncs.comFor more information about how to delete other projects and Logstores, see Manage a Logstore and Manage a project.