Add trusted accounts and IP addresses to the whitelist so that Database Autonomy Service (DAS) skips security audit and anomaly detection for them. This reduces false alerts from monitoring accounts, maintenance IPs, and other known-safe sources.
Prerequisites
Before you begin, make sure that you have:
The new version of the security audit feature enabled. See Enable security audit (new version).
Supported entry types
Whitelist entries support the following types:
| Type | Description |
|---|---|
| Account | A database account to exclude from audit |
| IP address | A single IP address |
| CIDR block | An IP address range in CIDR notation |
After you add, modify, or delete a whitelist entry, the change takes effect within 1 minute. Whitelisted accounts and IP addresses are visible in the whitelist when you handle audit alerts or anomaly alerts.
Add a whitelist entry
Log on to the DAS console.
In the left-side navigation pane, choose Security Center > Security Audit.
On the Security Audit page, choose System Settings > Whitelist.
On the Whitelist tab, click Add Entry.
In the Add Entry panel, configure the parameters and click OK.
Modify or delete a whitelist entry
Log on to the DAS console.
In the left-side navigation pane, choose Security Center > Security Audit.
On the Security Audit page, choose System Settings > Whitelist.
Find the entry you want to manage, then click Modify or Delete in the Actions column.