Data Management (DMS) provides the operation audit feature in addition to the basic features of operation log management. You can use this feature to troubleshoot database issues with ease and audit the operations that are performed on databases. You can also use this feature to view and manage the SQL statements that are used in the SQLConsole, tickets, logon information, and operation logs.

Features

The following table describes the two modules of the operation audit feature in DMS: Operation Logs and Operation Audit.
Module Description Item
Operation Logs Displays the logs of all the operations that are performed in DMS. Includes the logs of management and configuration operations, SQL statements that are used in the SQLConsole, tickets, and logon information.
Operation Audit Displays all the operations that are performed on the databases in DMS.
Note This module provides a user interface (UI) for you to audit operations in a centralized manner. This also helps you troubleshoot database issues with ease.
Includes SQL statements that are used in the SQLConsole, tickets, and logon information.
Note Only DMS administrators, database administrators (DBAs), ticket submitters, and stakeholders involved in the ticket approval process are allowed to view the ticket details.
Log data is permanently retained in DMS. You can access and view the log data of the database instances that are managed in Stable Change or Security Collaboration mode at any time.
Note You can view the log data of the database instances that are managed in Flexible Management mode only for the last seven days. To view all log data, upgrade the control mode of the database instances. For more information, see Service specification upgrade.

Procedure and supported roles

The following table describes the roles that you can assume to use the operation audit feature. It also shows you how to go to the Operation Audit tab in the DMS console.
Auditing dimension Limit Entry to operation audit Supported role
Database You can view and audit only the operations that are performed on the current database.
  • On the SQLConsole tab of the database that you want to audit, move the pointer over the Operation audit icon icon in the upper-right corner and select Operation Audit.
  • In the left-side navigation pane of the DMS console, click the database instance in which the database that you want to audit resides, right-click the database, and then choose Audit > Operation Audit.
You can be a DMS administrator, a security administrator, a DBA, a database instance owner, or a regular user.
Note If you are a regular user, you can view and audit only the operations that you performed on the current database.
Database instance You can view and audit only the operations that are performed on the current database instance. In the left-side navigation pane of the DMS console, right-click the database instance that you want to audit and choose Audit > Operation audit. You can be a DMS administrator, a security administrator, a DBA, a database instance owner, or a regular user.
Note If you are a regular user, you can view and audit only the operations that you performed on the current database instance.
Global You can view and audit all the operations that are performed in DMS. In the top navigation bar, click Security and Specifications. In the left-side navigation pane, click Operation Audit.
Note If you use the previous version of the DMS console, move the pointer over the More icon in the top navigation bar and choose System > Security > Operation Audit.
You can be a DMS administrator, a security administrator, or a DBA.

Download operation records

This example shows you how to download all the SQL statements that are used in the SQLConsole in the last month.

  1. Log on to the DMS console V5.0.
    Note To switch to the previous version of the DMS console, click the 5租户头像 icon in the lower-right corner of the page. For more information, see Switch to the previous version of the DMS console.
  2. Click the SQL window list tab.
  3. Set the Time parameter to Last One Month and click Search.
    Then, DMS returns the search results.
  4. Click the Download icon icon to download the results.

    Then, DMS exports an XLSX file that contains the search results displayed on the current page.

    Download operation records
    Note To preview and export more results, you can set the Items per page parameter to 100.

Download operation logs

You can download operation logs only by calling the GetOpLog operation. For more information, see GetOpLog.