All Products
Search

This Product

    ApsaraDB RDS:Use ActionTrail to view operations on resources

    Document Center

    ApsaraDB RDS:Use ActionTrail to view operations on resources

    Last Updated:Aug 16, 2024

    This topic describes how to use ActionTrail to view the operations on ApsaraDB RDS for MySQL resources.

    Introduction

    ActionTrail is a service that monitors and records the operations of your Alibaba Cloud account. The operations include your access to and use of cloud services by using the Alibaba Cloud Management Console, APIs, and SDKs. ActionTrail records these operations as events. You can download these events from the ActionTrail console or configure ActionTrail to deliver these events to Simple Log Service Logstores or Object Storage Service (OSS) buckets. Then, you can perform behavior analysis, security analysis, resource change tracking, and compliance auditing based on the events. For more information about ActionTrail, see What is ActionTrail?

    Scenarios

    You want to track the resource-related operations and obtain the related information. For example, if you want to query the RAM user that is used to create an RDS instance, you can search for the ID of the RDS instance to obtain all the operations related to the RDS instance. Then, you can obtain the RAM user from the details of CreateDBInstance.

    Billing rules

    No fees are generated.

    Limits

    • In the ActionTrail console, you can query only the events that are delivered by single-account trails. You can perform queries at most twice per second. You cannot query the events that are delivered by multi-account trails in the ActionTrail console. To query such events, go to the required OSS bucket or Simple Log Service Logstore. For more information, see Create a multi-account trail.

    • You can use the event query feature to query only the events that are generated in the current region in the last 90 days.

      • To query the events that were generated in the current region 90 days ago, you must create a single-account trail to deliver the events to the required OSS bucket or Simple Log Service Logstore. Otherwise, you cannot query the events that were generated 90 days ago. For more information, see Create a single-account trail.

      • To query the events that were generated in multiple regions 90 days ago or query events based on multiple conditions, you can use the advanced event query feature. For more information, see Perform custom event queries.

    • After an event is generated within your Alibaba Cloud account, you must wait 10 minutes before you can query the event in the ActionTrail console.

    Procedure

    1. Log on to the ActionTrail console.

    2. In the left-side navigation pane, choose Events > Event Query.

    3. In the top navigation bar, select the region of the event that you want to query from the drop-down list.

    4. On the Event Detail Query page, enter query conditions, specify a time range, and then click the 查询按钮 icon.

      Note

      • You can configure the following query conditions to query events: Read/Write Type, Operator, Service Name, Event Name, Resource Type, Resource Name, AccessKey ID, Sensitive Operation, and Event ID.

      • You can query global events only in the Singapore region.

    5. Find the event that you want to query and click View Details in the Actions column to view the event details and event code.

      Note

      For more information about event fields, see Management event structure.