tencent cloud

Feedback

Classified Protection Practice for Database Audit of TDSQL-C for MySQL

Last updated: 2024-10-25 09:53:56
    To assist enterprises with classified protection compliance of cybersecurity, this document describes the relationship between the capabilities of TDSQL-C for MySQL Database Audit and the related clauses of Classified Protection, to help enterprises to provide targeted supporting materials.

    Prerequisites

    Database Audit service has been enabled.

    Classified Protection Level 3

    a) The database audit feature should be enabled, auditing each user and covering important user behaviors and significant security events;
    This clause primarily assesses the following three points:
    Whether the Database Audit feature is enabled
    1.1 Log in to the TDSQL-C for MySQL console, and select Database Audit from the left navigation bar. Enabled should be displayed under the Audit Status field, indicating that the Database Audit feature is enabled for the instances in the specified region for the current account.
    
    1.2. Click to view audit logs, which will redirect you to the Audit Log page of the corresponding instance. You should see audit log records (audit log records should be generated), proving that Database Audit is running normally.
    
    Whether the audit scope covers each user
    On the Audit Log page, you can query the user account corresponding to an operation under the User Account field, supporting audit for each username.
    
    Whether important user behaviors and significant security events are audited
    By configuring post-event alarms, you can set audit rules and risk levels for alarms, helping you to receive risk alarms in a timely manner. On the Audit Log page, you can quickly locate problems and view related audit logs.
    
    b) The audit records should include the date and time of an event, user account, SQL type, SQL command details, and other relevant audit information;
    On the Audit Log page, by filtering through time and related search items, you can locate the target audit logs. Click the download icon to download the audit logs to a local computer and query the related information.
    
    c) The audit records should be protected to prevent unexpected deletion, modification, or overwriting;
    After the Database Audit feature is enabled, the deletion button is not provided for audit logs, preventing you from deleting or modifying audit logs by mistake. Audit records will only be cleared when the Database Audit feature is disabled.
    d) Others: The Cybersecurity Law requires that network logs be retained for 6 months or longer.
    On the Audit Log page, select a 6-month time period in the time box to view the logs for the selected 6 months.
    
    Contact Us

    Contact our sales team or business advisors to help your business.

    Technical Support

    Open a ticket if you're looking for further assistance. Our Ticket is 7x24 avaliable.

    7x24 Phone Support