- Release Notes and Announcements
- Release Notes
- Announcements
- Announcement on Optimization of Instance Storage Capacity, IOPS, and I/O Bandwidth
- Announcement on Some APIs with CAM Authentication Integrated
- Announcement on Sales Suspension of Some General Specifications
- Announcement on Some APIs Integrated with CAM Authentication
- Announcement on Some APIs with CAM Authentication Integrated
- Announcement on Change of Part of Parameters
- Announcement on Update of Database Audit Feature
- Announcement on Authentication of a Newly Added API Interface of Database Audit
- Announcement on Change of Public Network Linkage
- TDSQL-C for MySQL Audit Service Update
- Announcement on Supplementary Charge for Clusters with Pay-as-You-Go Storage Billing Mode
- Announcement on New APIs Integrated with CAM Permissions
- Announcement on the Release of New Version of Database Proxy
- Emergency Fix for Certain Monitoring Metrics
- Monitoring Metric Optimization
- Change to Database Audit Resource ID
- Ops Change
- Storage Price Adjustment Notification
- Product Introduction
- Kernel Features
- Purchase Guide
- Getting Started
- Database Audit
- Serverless Service
- Operation Guide
- Switching Cluster Page View in Console
- Database Connection
- Instance Management
- Configuration Adjustment
- Cluster Management
- Scaling Instance
- Database Proxy
- Database Proxy Overview
- Use Limits
- Database Proxy Kernel Features
- Managing Database Proxy
- Enabling Database Proxy
- Setting Database Proxy Address
- Modifying or Deleting Connection Addresses
- Viewing and Changing the Access Policy
- Rebalancing the Load
- Transaction Split Feature
- Access Mode
- Adjusting Database Proxy Configuration
- Switching Database Proxy Network
- Viewing Database Proxy Monitoring Data
- Disabling Database Proxy
- Automatic Read/Write Separation
- Connection Pool Feature
- Other Features
- Account Management
- Database Management
- Database Management Tool
- Columnar Storage Index (CSI)
- Parameter Configuration
- Multi-AZ Deployment
- Backup and Restoration
- Operation Log
- Data Migration
- Parallel Query
- Database Security and Encryption
- Monitoring and Alarms
- Basic SQL Operations
- Connecting to TDSQL-C for MySQL Through SCF
- Tag
- Practical Tutorial
- Classified Protection Practice for Database Audit of TDSQL-C for MySQL
- Upgrading Database Version from MySQL 5.7 to 8.0 Through DTS
- Usage Instructions for TDSQL-C MySQL
- New Version of Console
- Implementing Multiple RO Groups with Multiple Database Proxy Connection Addresses
- Strengths of Database Proxy
- Selecting Billing Mode for Storage Space
- Creating Remote Disaster Recovery by DTS
- Creating VPC for Cluster
- Data Rollback
- Solution to High CPU Utilization
- How to Authorize Sub-Users to View Monitoring Data
- White Paper
- API Documentation
- History
- Introduction
- API Category
- Making API Requests
- Billing APIs
- Instance APIs
- CloseClusterPasswordComplexity
- CopyClusterPasswordComplexity
- DescribeClusterDetail
- DescribeClusterPasswordComplexity
- ModifyClusterPasswordComplexity
- OpenClusterPasswordComplexity
- UpgradeClusterVersion
- UpgradeInstance
- SetRenewFlag
- OfflineCluster
- ModifyMaintainPeriodConfig
- IsolateInstance
- IsolateCluster
- DescribeMaintainPeriod
- DescribeInstanceSpecs
- DescribeClusters
- CreateClusters
- AddInstances
- OfflineInstance
- DescribeInstanceDetail
- DescribeClusterInstanceGrps
- DescribeInstances
- ActivateInstance
- ModifyInstanceName
- ModifyClusterName
- SearchClusterTables
- SearchClusterDatabases
- RestartInstance
- Multi-AZ APIs
- Account APIs
- Audit APIs
- Database Proxy APIs
- Backup and Restoration APIs
- Parameter Management APIs
- Performance Analysis APIs
- Serverless APIs
- ResourcePackage APIs
- Other APIs
- CloseWan
- CreateClusterDatabase
- DeleteClusterDatabase
- DescribeClusterDetailDatabases
- ModifyClusterDatabase
- OpenWan
- SwitchClusterVpc
- OpenReadOnlyInstanceExclusiveAccess
- OpenClusterReadOnlyInstanceGroupAccess
- ModifyDBInstanceSecurityGroups
- DescribeProjectSecurityGroups
- DescribeDBSecurityGroups
- SwitchProxyVpc
- DescribeFlow
- DescribeZones
- ModifyVipVport
- Data Types
- Error Codes
- FAQs
- Service Agreement
- TDSQL-C Policy
- General References
- Glossary
- Contact Us
- Release Notes and Announcements
- Release Notes
- Announcements
- Announcement on Optimization of Instance Storage Capacity, IOPS, and I/O Bandwidth
- Announcement on Some APIs with CAM Authentication Integrated
- Announcement on Sales Suspension of Some General Specifications
- Announcement on Some APIs Integrated with CAM Authentication
- Announcement on Some APIs with CAM Authentication Integrated
- Announcement on Change of Part of Parameters
- Announcement on Update of Database Audit Feature
- Announcement on Authentication of a Newly Added API Interface of Database Audit
- Announcement on Change of Public Network Linkage
- TDSQL-C for MySQL Audit Service Update
- Announcement on Supplementary Charge for Clusters with Pay-as-You-Go Storage Billing Mode
- Announcement on New APIs Integrated with CAM Permissions
- Announcement on the Release of New Version of Database Proxy
- Emergency Fix for Certain Monitoring Metrics
- Monitoring Metric Optimization
- Change to Database Audit Resource ID
- Ops Change
- Storage Price Adjustment Notification
- Product Introduction
- Kernel Features
- Purchase Guide
- Getting Started
- Database Audit
- Serverless Service
- Operation Guide
- Switching Cluster Page View in Console
- Database Connection
- Instance Management
- Configuration Adjustment
- Cluster Management
- Scaling Instance
- Database Proxy
- Database Proxy Overview
- Use Limits
- Database Proxy Kernel Features
- Managing Database Proxy
- Enabling Database Proxy
- Setting Database Proxy Address
- Modifying or Deleting Connection Addresses
- Viewing and Changing the Access Policy
- Rebalancing the Load
- Transaction Split Feature
- Access Mode
- Adjusting Database Proxy Configuration
- Switching Database Proxy Network
- Viewing Database Proxy Monitoring Data
- Disabling Database Proxy
- Automatic Read/Write Separation
- Connection Pool Feature
- Other Features
- Account Management
- Database Management
- Database Management Tool
- Columnar Storage Index (CSI)
- Parameter Configuration
- Multi-AZ Deployment
- Backup and Restoration
- Operation Log
- Data Migration
- Parallel Query
- Database Security and Encryption
- Monitoring and Alarms
- Basic SQL Operations
- Connecting to TDSQL-C for MySQL Through SCF
- Tag
- Practical Tutorial
- Classified Protection Practice for Database Audit of TDSQL-C for MySQL
- Upgrading Database Version from MySQL 5.7 to 8.0 Through DTS
- Usage Instructions for TDSQL-C MySQL
- New Version of Console
- Implementing Multiple RO Groups with Multiple Database Proxy Connection Addresses
- Strengths of Database Proxy
- Selecting Billing Mode for Storage Space
- Creating Remote Disaster Recovery by DTS
- Creating VPC for Cluster
- Data Rollback
- Solution to High CPU Utilization
- How to Authorize Sub-Users to View Monitoring Data
- White Paper
- API Documentation
- History
- Introduction
- API Category
- Making API Requests
- Billing APIs
- Instance APIs
- CloseClusterPasswordComplexity
- CopyClusterPasswordComplexity
- DescribeClusterDetail
- DescribeClusterPasswordComplexity
- ModifyClusterPasswordComplexity
- OpenClusterPasswordComplexity
- UpgradeClusterVersion
- UpgradeInstance
- SetRenewFlag
- OfflineCluster
- ModifyMaintainPeriodConfig
- IsolateInstance
- IsolateCluster
- DescribeMaintainPeriod
- DescribeInstanceSpecs
- DescribeClusters
- CreateClusters
- AddInstances
- OfflineInstance
- DescribeInstanceDetail
- DescribeClusterInstanceGrps
- DescribeInstances
- ActivateInstance
- ModifyInstanceName
- ModifyClusterName
- SearchClusterTables
- SearchClusterDatabases
- RestartInstance
- Multi-AZ APIs
- Account APIs
- Audit APIs
- Database Proxy APIs
- Backup and Restoration APIs
- Parameter Management APIs
- Performance Analysis APIs
- Serverless APIs
- ResourcePackage APIs
- Other APIs
- CloseWan
- CreateClusterDatabase
- DeleteClusterDatabase
- DescribeClusterDetailDatabases
- ModifyClusterDatabase
- OpenWan
- SwitchClusterVpc
- OpenReadOnlyInstanceExclusiveAccess
- OpenClusterReadOnlyInstanceGroupAccess
- ModifyDBInstanceSecurityGroups
- DescribeProjectSecurityGroups
- DescribeDBSecurityGroups
- SwitchProxyVpc
- DescribeFlow
- DescribeZones
- ModifyVipVport
- Data Types
- Error Codes
- FAQs
- Service Agreement
- TDSQL-C Policy
- General References
- Glossary
- Contact Us
This document describes how to modify a database audit rule template in the console.
Note:
As of September 25, 2023, the relationship between rule templates and audit instances has been adjusted from initialization to strong association. Any modification to the content of a rule template will synchronously impact the audit rule applied to instances that are bound to the rule template.
The same field of rule content can be configured with a maximum of 5 characteristic strings. And each string is separated by vertical bar"|".
Directions
1. Log in to the TDSQL-C for MySQL console.
2. On the left sidebar, click Database Audit.
3. Select Region and click Rule Template.
4. Find the target rule template in the rule template list, or search for it by resource attribute in the search box, and click Edit in the Operation column.
5. In the Edit Rule Template window, modify configuration items and click OK.
Parameter | Description |
Rule Template Name | This field can contain up to 30 letters, digits, and symbols -_./()[]()+=::@,and cannot start with a digit. |
Rule Content | This fields sets the rule content (parameter field, operator, characteristic string). For detailed instructions, see the following Rule content details and examples. Note: Click Add to add parameter fields in rule content. Click Delete in the Operation column in rule content to remove the unnecessary parameter field and condition. Note that at least one parameter field and condition should be reserved. |
Risk Level | Select the risk level for this rule template, with options of Low risk, Medium risk, and High risk. |
Alarm Policy | Select an alarm strategy for this rule template, with options of Do not send alarm notification and send alarm notification. Note: Please proceed to Tencent Cloud's Observability Platform > Alarm Management to configure alarm rules and notifications. For more details, refer to Post-Event Alarm Configuration. |
Rule Template Remarks | This field can contain up to 200 letters, digits, and symbols -_./()[]()+=::@and cannot start with a digit. |
Rule content details and examples
Note:
You can configure one or multiple rules.
Different rules are in AND relationship; that is, they need to be met at the same time.
Different characteristic strings in a rule are in OR relationship; that is, at least one of them needs to be met.
You can add only one operator for the same parameter field; for example, for the database name, the operator can be either Include or Exclude.
Parameter Field | Operator | Characteristic String |
Client IP | Include, Exclude, Equal to, Not equal to, Regex | Up to 5 client IPs can be configured and should be separated by vertical bar "|". |
Database Account | Include, Exclude, Equal to, Not equal to, Regex | Up to 5 usernames can be configured and should be separated by vertical bar "|". |
Database Name | Include, Exclude, Equal to, Not equal to, Regex | Up to 5 database names can be configured and should be separated by vertical bar "|". |
SQL Details | Include, Exclude | Up to five SQL commands can be configured and should be separated by vertical bar "|". |
SQL Type | Equal to, Not equal to | Up to five SQL types can be selected. Valid options: ALTER, CHANGEUSER, CREATE, DELETE, DROP, EXECUTE, INSERT, LOGIN, LOGOUT, OTHER, REPLACE, SELECT, SET, UPDATE. |
Affected Rows | Greater than, Less than | Select affected rows |
Returned Rows | Greater than, Less than | Select returned rows |
Scanned Rows | Greater than, Less than | Select scanned rows |
Execution Time | Greater than, Less than | Select execution time in microseconds |
Example
If the following rule content is set: the database name should include
a, b, or c, and the client IP should include IP1, 2 or 3, then the audit logs filtered by the rule are those where the database name includes a, b, or c and the client IP includes IP1, 2, or 3. 
Yes
No
Was this page helpful?