The SQL Explorer feature in PolarDB for MySQL is upgraded to SQL Explorer and Audit. The SQL Explorer and Audit feature is provided by Database Autonomy Service (DAS). This feature is developed based on the full request feature and the SQL Audit feature. In addition, this feature is integrated with the following features: Search, SQL Explorer, Security Audit, and Traffic Playback and Stress Test. This feature helps you obtain information about the SQL statements that are executed. You can use the information to troubleshoot various performance issues, identify the sources of high risks, and check whether you need to upgrade your PolarDB cluster.
Background information
The SQL Explorer and Audit feature records information about all Data Query Language (DQL), DML, and DDL statements that are executed. DAS obtains the information from database kernels, which consumes only a small amount of CPU resources. This topic describes how to use the SQL Explorer and Audit feature on a PolarDB cluster.
Prerequisites
If you use the Search feature as a RAM user, make sure that the AliyunPolardbReadOnlyWithSQLLogArchiveAccess permissions are granted to the RAM user. For more information, see Create and authorize a RAM user.
You can also create a custom policy to grant the RAM user the permissions to use the search feature, including the log export feature. For more information, see the "Use custom policies to grant a RAM user the permissions to use the search and export features in the SQL Explorer and Audit module" section of the What do I do if I do not have permissions to access DAS as a RAM user? topic.
Features
Feature | Region | Billing |
New SQL Explorer and Audit
| China (Hangzhou), China (Shanghai), China (Beijing), China (Shenzhen), China (Zhangjiakou), China (Hong Kong), and Singapore (Singapore) |
|
Original SQL Explorer and Audit
| China (Hangzhou), China (Shanghai), China (Qingdao), China (Beijing), China (Shenzhen), China (Zhangjiakou), China (Hohhot), China (Chengdu), China (Ulanqab), China (Hong Kong), Singapore (Singapore), Malaysia (Kuala Lumpur), and Indonesia (Jakarta) | |
️SQL Explorer
| Regions other than the preceding regions, Philippines (Manila), Thailand (Bangkok), and South Korea (Seoul) | The fee is billed to PolarDB for MySQL. For more information, see Billing rules of SQL Explorer (optional). |
SQL statement search: This feature is used to query and export information about the SQL statements that are executed. The information includes the execution history of the SQL statements and the database, status, and execution duration of each SQL statement.
SQL Explorer: This feature is used to perform health checks on SQL statements that are executed within a specific period of time, troubleshoot performance issues, and analyze business traffic.
Security audit: This feature is used to identify risks, such as high-risk SQL statements, SQL injection attacks, and new access sources.
Traffic playback and stress testing: This feature is used to check whether your cluster needs to be scaled to handle traffic spikes.
Analytics: This feature is used to analyze SQL statements that are executed within a specific period of time to identify abnormal SQL statements and troubleshoot performance issues.
Enable the SQL Explorer and Audit feature
- Log on to the PolarDB console.
- In the upper-left corner of the console, select the region in which the cluster that you want to manage is deployed.
- Find the cluster and click the cluster ID.
In the left-side navigation pane, choose .
Enable the SQL Explorer and Audit feature.
For original SQL Explorer and Audit or new SQL Explorer and Audit, click Enable to enable the SQL Explorer and Audit feature.
NoteIf DAS Professional Edition is not activated for your Alibaba Cloud account, follow the on-screen instructions to activate DAS Professional Edition. For more information, see Purchase DAS Professional Edition.
For SQL Explorer, click Official Edition, configure the storage duration, and then click OK to enable the SQL Explorer and Audit feature.
NoteThe default storage duration is 30 Days for the SQL Explorer and Audit feature. You can click Service Settings to modify the storage duration .
PolarDB deletes all SQL audit logs that are stored for longer than the specified retention period.
On the page that appears, click a tab based on your business requirements. Then, you can view the information about the feature.
For more information about the SQL statement search feature, see Search.
For more information about the SQL Explorer feature, see SQL Explorer.
For more information about the security audit feature, see Security audit.
For more information about the traffic playback and stress testing feature, see Traffic playback and stress testing.
Change the retention period of SQL logs
- Log on to the PolarDB console.
- In the upper-left corner of the console, select the region in which the cluster that you want to manage is deployed.
- Find the cluster and click the cluster ID.
In the left-side navigation pane, choose .
In the upper-right corner of the SQL Explorer page, click Service Settings.
Modify the storage duration and click OK.
Disable the SQL Explorer and Audit feature
After you disable the SQL Explorer and Audit feature, all SQL audit logs are deleted. Before you disable the SQL Explorer and Audit feature, we recommend that you export the SQL audit logs as a file and download the file to your computer. If you enable the SQL Explorer and Audit feature again, SQL audit logs are recorded from the point in time at which the SQL Explorer and Audit feature is enabled.
- Log on to the PolarDB console.
- In the upper-left corner of the console, select the region in which the cluster that you want to manage is deployed.
- Find the cluster and click the cluster ID.
In the left-side navigation pane, choose .
Click Service Settings.
In the dialog box that appears, turn off the Enable switch and click Ok.
NoteIf you enable the audit log collection feature for your PolarDB for MySQL cluster in the CloudLens for PolarDB application of Log Service, the SQL Explorer and Audit feature is automatically enabled for the PolarDB for MySQL cluster. Therefore, you must also disable the audit log collection feature for the PolarDB for MySQL cluster. For more information, see Enable data collection.
After you disable the SQL Explorer and Audit feature, all SQL log entries are deleted. We recommend that you export SQL log entries before you disable this feature. For more information about how to export SQL records, see Export SQL log entry.
In the message that appears, click OK.
View the size and consumption details of audit logs
Log on to the Alibaba Cloud Management Console.
In the upper-right corner of the page, choose Expenses > User Center.
In the left-side navigation pane, choose .
On the Bills page, click the Details tab. In the search bar, select Instance ID from the drop-down list and enter the ID of the cluster for which you want to query the details.
View the billing details in the data entries in which the value in the Billing Item column is sql_explorer.
Upgrade to new SQL Explorer and Audit
You can upgrade original SQL Explorer and Audit to new SQL Explorer and Audit if your PolarDB for MySQL cluster is deployed in the China (Hangzhou), China (Shanghai), China (Beijing), or China (Shenzhen) region.
- Log on to the PolarDB console.
- In the upper-left corner of the console, select the region in which the cluster that you want to manage is deployed.
- Find the cluster and click the cluster ID.
In the left-side navigation pane of the page that appears, choose Autonomy Service > SQL Explorer and Audit.
Click Migrate to a new version in the upper-right corner.
In the Migrate to a new version dialog box, configure the Data Storage Duration parameter and then click OK.