Enforce Data Tracking Approval Rules in DMS - Data Management

Data Management (DMS) lets you control how data tracking tickets are reviewed and approved by configuring security rules. This page explains the checkpoints, factors, and actions available for data tracking, and walks you through two tasks: modifying the default approval template and creating a custom security rule.

Checkpoints, factors, and actions

Checkpoints

A checkpoint is a validation gate that DMS evaluates when a data tracking ticket is submitted. The following checkpoints are available for data tracking:

Checkpoint	Purpose	Default behavior
Basic Configuration Item	Sets the default approval template for data tracking tickets	Used when no approval process is configured in Approval Rule Validation
Approval Rule Validation	Evaluates custom security rules against the submitted ticket	If a rule matches, DMS applies the corresponding action

Factors

A factor is a predefined variable that DMS exposes for use in security rule conditions. Factor names follow the format @fac.<display-name>. The following factor is available for data tracking:

Factor	Description
`@fac.log_size`	Size of the logs to be queried in the data tracking task, in MB

Warning

A large @fac.log_size value means the tracking process consumes significant bandwidth on the database server, which can affect online business. Use this factor in rules to block or escalate high-volume tracking requests.

Actions

An action defines what DMS does when a rule condition is met. Action names follow the format @act.<display-name>. The following actions are available for data tracking:

Action	Description
`@act.forbid_submit_order`	Blocks ticket submission. Format: `@act.forbid_submit_order 'Reason'`
`@act.do_not_approve`	Specifies the approval template by ID. See Configure approval processes
`@act.choose_approve_template`
`@act.choose_approve_template_with_reason`

Security rule templates

DMS provides predefined templates to help you get started quickly. The following template is available for data tracking:

Checkpoint	Template
Approval Rule Validation	Data tracking approval process

Modify the default approval template

The default approval template applies to all data tracking tickets that do not match any custom security rule. Change this template to adjust the baseline approval process.

Log on to the DMS console V5.0.
Move the pointer over the icon in the upper-left corner, then choose All functions > Security and Specifications > Security Rules.
In normal mode, choose Security and Specifications > Security Rules in the top navigation bar.
Move the pointer over the icon in the upper-left corner and choose All Features > Security and disaster recovery (DBS) > Security Rules.

Note
If you use the DMS console in normal mode, choose Security and disaster recovery (DBS) > Security Rules in the top navigation bar.
Move the pointer over the icon in the upper-left corner and choose All Features > Security and disaster recovery (DBS) > Security Rules.

Note
If you use the DMS console in normal mode, choose Security and disaster recovery (DBS) > Security Rules in the top navigation bar.
On the Security Rules tab, find the target rule set and click Edit in the Actions column.
In the left-side navigation pane of the Details page, choose Database Development > Data Tracking.
On the Data Tracking tab, click Basic Configuration Item.
Find Data Tracking Default Approval Template and click Edit in the Actions column.
In the Change Configuration Item dialog box, click Switch Approval Template.
Find the target template and click Select in the Actions column.
You can also click Reset to Free of Approval to skip the approval for tickets.
Click Submit.

Create a security rule

Create a custom security rule to control ticket submission behavior based on conditions such as log size. Rules are evaluated under the Approval Rule Validation checkpoint.

Log on to the DMS console V5.0.
Move the pointer over the icon in the upper-left corner, then choose All functions > Security and Specifications > Security Rules.
In normal mode, choose Security and Specifications > Security Rules in the top navigation bar.
On the Security Rules tab, find the target rule set and click Edit in the Actions column.
In the left-side navigation pane of the Details page, choose Database Development > Data Tracking.
On the Data Tracking tab, click Create Rule.

In the Create Rule - Data Tracking dialog box, configure the following parameters:

Parameter	Required	Description
Checkpoints	Yes	The checkpoint under which the rule applies. Select Approval Rule Validation
Template Database	No	A predefined template to start from. After selecting a checkpoint, click Load from Template Database to browse available templates
Rule Name	Yes	A name for the rule. Auto-filled when loading from a template
Rule DSL	Yes	The DSL condition and action for the rule. Defines when the rule triggers and what DMS does. Auto-filled when loading from a template. See DSL syntax for security rules

Click Submit.
The new rule is in Disabled state by default. Click Enable in the Actions column.
In the dialog box, click OK.

What's next

To learn how to define multi-stage approval processes and assign approvers, see Configure approval processes.
To explore the full DSL syntax for writing rule conditions and actions, see DSL syntax for security rules.