- Release Notes and Announcements
- Release Notes
- Announcements
- Announcement on the Rule-Based Audit Feature for Database Audit
- Announcement on Some APIs with CAM Authentication Integrated
- Announcement on Some APIs with CAM Authentication Integrated
- Notice on Elimination of Some Indicators in Event Alarms
- Commercial Billing for Database Proxy
- TencentDB for MySQL Audit Upgrade
- Added Authentication APIs
- API Authentication Upgrade
- TencentDB for MySQL API 2.0 Discontinuation
- Monitoring Module Upgrade in Shanghai Region
- Monitoring Metric Optimization
- Network Architecture Upgrade
- Change of APIs for Querying the Specifications of Purchasable Database Instances
- Replacement of Certain Old Database Proxy APIs
- Added Advanced Monitoring Metrics
- Change of Calculation Formula for Memory Utilization
- Monitoring Module Upgrade and Optimization in Guangzhou and Shanghai Regions
- Monitoring Module Upgrade
- Parameter Template and Instance Purchase Process Optimization
- Binlog Will Take up Disk Space
- User Tutorial
- Product Introduction
- Tencent Kernel TXSQL
- Overview
- Kernel Version Release Notes
- Functionality Features
- Performance Features
- Security Features
- Stability Features
- TXRocks Engine
- Purchase Guide
- Billing Overview
- Selection Guide
- Purchase Methods
- Renewal
- Payment Overdue
- Refund
- Pay-as-You-Go to Monthly Subscription
- Instance Adjustment Fee
- Backup Space Billing
- Database Audit Billing Overview
- Commercial Billing and Activity Description for Database Proxy
- Description of the Database Proxy Billing Cycle
- Viewing Bills
- Getting Started
- Database Audit
- MySQL Cluster Edition
- Operation Guide
- Use Limits
- Operation Overview
- Instance Management and Maintenance
- Instance Upgrade
- CPU Elastic Expansion
- Read-Only/Disaster Recovery Instances
- Database Proxy
- Account Management
- Database Management Center (DMC)
- Parameter Configuration
- Network and Security
- Backup and Rollback
- Data Migration
- Monitoring and Alarms
- Operation Logs
- Tag
- Practical Tutorial
- Usage Specifications of TencentDB for MySQL
- Configuring Automatic Application Reconnection
- Impact of Modifying MySQL Source Instance Parameters
- Limits on Automatic Conversion from MyISAM to InnoDB
- Creating VPCs for TencentDB for MySQL
- Enhancing Business Load Capacity with TencentDB for MySQL
- Setting up 2-Region-3-DC Disaster Recovery Architecture
- Improving TencentDB for MySQL Performance with Read/Write Separation
- Migrating Data from InnoDB to RocksDB with DTS
- Building LAMP Stack for Web Application
- Building Drupal Website
- Building All-Scenario High-Availability Architecture
- Calling MySQL APIs in Python
- White Paper
- Troubleshooting
- API Documentation
- History
- Introduction
- API Category
- Data Import APIs
- Rollback APIs
- Parameter APIs
- Making API Requests
- Instance APIs
- StopCpuExpand
- StartCpuExpand
- DescribeCpuExpandStrategy
- AddTimeWindow
- BalanceRoGroupLoad
- CloseWanService
- CreateRoInstanceIp
- DeleteTimeWindow
- DescribeCdbZoneConfig
- DescribeDBFeatures
- DescribeDBInstanceCharset
- DescribeDBInstanceConfig
- DescribeDBInstanceGTID
- DescribeDBInstanceInfo
- DescribeDBInstanceRebootTime
- DescribeDBSwitchRecords
- DescribeRoGroups
- DescribeRoMinScale
- DescribeTagsOfInstanceIds
- DescribeTimeWindow
- IsolateDBInstance
- ModifyAutoRenewFlag
- ModifyDBInstanceName
- ModifyDBInstanceProject
- ModifyDBInstanceVipVport
- ModifyInstanceTag
- ModifyNameOrDescByDpId
- ModifyRoGroupInfo
- ModifyTimeWindow
- OfflineIsolatedInstances
- OpenDBInstanceEncryption
- OpenDBInstanceGTID
- OpenWanService
- ReleaseIsolatedDBInstances
- RenewDBInstance
- RestartDBInstances
- StartReplication
- StopReplication
- SwitchDBInstanceMasterSlave
- SwitchDrInstanceToMaster
- SwitchForUpgrade
- UpgradeDBInstanceEngineVersion
- CreateDBInstance
- CreateDBInstanceHour
- DescribeDBInstances
- UpgradeDBInstance
- DescribeDBZoneConfig
- CreateDeployGroup
- DeleteDeployGroups
- DescribeDeployGroupList
- Database Proxy APIs
- AdjustCdbProxy
- AdjustCdbProxyAddress
- CloseCDBProxy
- CloseCdbProxyAddress
- CreateCdbProxy
- CreateCdbProxyAddress
- DescribeCdbProxyInfo
- DescribeProxyCustomConf
- DescribeProxySupportParam
- ModifyCdbProxyAddressDesc
- ModifyCdbProxyAddressVipAndVPort
- ModifyCdbProxyParam
- ReloadBalanceProxyNode
- SwitchCDBProxy
- UpgradeCDBProxyVersion
- Database Audit APIs
- Security APIs
- Task APIs
- Account APIs
- Backup APIs
- CreateBackup
- DeleteBackup
- DescribeBackupDownloadRestriction
- DescribeBackupOverview
- DescribeBackupSummaries
- DescribeBinlogBackupOverview
- DescribeDataBackupOverview
- DescribeLocalBinlogConfig
- DescribeRemoteBackupConfig
- DescribeSlowLogs
- ModifyBackupDownloadRestriction
- ModifyLocalBinlogConfig
- ModifyRemoteBackupConfig
- DescribeBackups
- DescribeBackupConfig
- DescribeBackupDecryptionKey
- DescribeBackupEncryptionStatus
- DescribeBinlogs
- ModifyBackupConfig
- ModifyBackupEncryptionStatus
- Database APIs
- Monitoring APIs
- Log-related API
- Data Types
- Error Codes
- FAQs
- Service Agreement
- Reference
- Glossary
- Contact Us
- Preset Plugin List
- Release Notes and Announcements
- Release Notes
- Announcements
- Announcement on the Rule-Based Audit Feature for Database Audit
- Announcement on Some APIs with CAM Authentication Integrated
- Announcement on Some APIs with CAM Authentication Integrated
- Notice on Elimination of Some Indicators in Event Alarms
- Commercial Billing for Database Proxy
- TencentDB for MySQL Audit Upgrade
- Added Authentication APIs
- API Authentication Upgrade
- TencentDB for MySQL API 2.0 Discontinuation
- Monitoring Module Upgrade in Shanghai Region
- Monitoring Metric Optimization
- Network Architecture Upgrade
- Change of APIs for Querying the Specifications of Purchasable Database Instances
- Replacement of Certain Old Database Proxy APIs
- Added Advanced Monitoring Metrics
- Change of Calculation Formula for Memory Utilization
- Monitoring Module Upgrade and Optimization in Guangzhou and Shanghai Regions
- Monitoring Module Upgrade
- Parameter Template and Instance Purchase Process Optimization
- Binlog Will Take up Disk Space
- User Tutorial
- Product Introduction
- Tencent Kernel TXSQL
- Overview
- Kernel Version Release Notes
- Functionality Features
- Performance Features
- Security Features
- Stability Features
- TXRocks Engine
- Purchase Guide
- Billing Overview
- Selection Guide
- Purchase Methods
- Renewal
- Payment Overdue
- Refund
- Pay-as-You-Go to Monthly Subscription
- Instance Adjustment Fee
- Backup Space Billing
- Database Audit Billing Overview
- Commercial Billing and Activity Description for Database Proxy
- Description of the Database Proxy Billing Cycle
- Viewing Bills
- Getting Started
- Database Audit
- MySQL Cluster Edition
- Operation Guide
- Use Limits
- Operation Overview
- Instance Management and Maintenance
- Instance Upgrade
- CPU Elastic Expansion
- Read-Only/Disaster Recovery Instances
- Database Proxy
- Account Management
- Database Management Center (DMC)
- Parameter Configuration
- Network and Security
- Backup and Rollback
- Data Migration
- Monitoring and Alarms
- Operation Logs
- Tag
- Practical Tutorial
- Usage Specifications of TencentDB for MySQL
- Configuring Automatic Application Reconnection
- Impact of Modifying MySQL Source Instance Parameters
- Limits on Automatic Conversion from MyISAM to InnoDB
- Creating VPCs for TencentDB for MySQL
- Enhancing Business Load Capacity with TencentDB for MySQL
- Setting up 2-Region-3-DC Disaster Recovery Architecture
- Improving TencentDB for MySQL Performance with Read/Write Separation
- Migrating Data from InnoDB to RocksDB with DTS
- Building LAMP Stack for Web Application
- Building Drupal Website
- Building All-Scenario High-Availability Architecture
- Calling MySQL APIs in Python
- White Paper
- Troubleshooting
- API Documentation
- History
- Introduction
- API Category
- Data Import APIs
- Rollback APIs
- Parameter APIs
- Making API Requests
- Instance APIs
- StopCpuExpand
- StartCpuExpand
- DescribeCpuExpandStrategy
- AddTimeWindow
- BalanceRoGroupLoad
- CloseWanService
- CreateRoInstanceIp
- DeleteTimeWindow
- DescribeCdbZoneConfig
- DescribeDBFeatures
- DescribeDBInstanceCharset
- DescribeDBInstanceConfig
- DescribeDBInstanceGTID
- DescribeDBInstanceInfo
- DescribeDBInstanceRebootTime
- DescribeDBSwitchRecords
- DescribeRoGroups
- DescribeRoMinScale
- DescribeTagsOfInstanceIds
- DescribeTimeWindow
- IsolateDBInstance
- ModifyAutoRenewFlag
- ModifyDBInstanceName
- ModifyDBInstanceProject
- ModifyDBInstanceVipVport
- ModifyInstanceTag
- ModifyNameOrDescByDpId
- ModifyRoGroupInfo
- ModifyTimeWindow
- OfflineIsolatedInstances
- OpenDBInstanceEncryption
- OpenDBInstanceGTID
- OpenWanService
- ReleaseIsolatedDBInstances
- RenewDBInstance
- RestartDBInstances
- StartReplication
- StopReplication
- SwitchDBInstanceMasterSlave
- SwitchDrInstanceToMaster
- SwitchForUpgrade
- UpgradeDBInstanceEngineVersion
- CreateDBInstance
- CreateDBInstanceHour
- DescribeDBInstances
- UpgradeDBInstance
- DescribeDBZoneConfig
- CreateDeployGroup
- DeleteDeployGroups
- DescribeDeployGroupList
- Database Proxy APIs
- AdjustCdbProxy
- AdjustCdbProxyAddress
- CloseCDBProxy
- CloseCdbProxyAddress
- CreateCdbProxy
- CreateCdbProxyAddress
- DescribeCdbProxyInfo
- DescribeProxyCustomConf
- DescribeProxySupportParam
- ModifyCdbProxyAddressDesc
- ModifyCdbProxyAddressVipAndVPort
- ModifyCdbProxyParam
- ReloadBalanceProxyNode
- SwitchCDBProxy
- UpgradeCDBProxyVersion
- Database Audit APIs
- Security APIs
- Task APIs
- Account APIs
- Backup APIs
- CreateBackup
- DeleteBackup
- DescribeBackupDownloadRestriction
- DescribeBackupOverview
- DescribeBackupSummaries
- DescribeBinlogBackupOverview
- DescribeDataBackupOverview
- DescribeLocalBinlogConfig
- DescribeRemoteBackupConfig
- DescribeSlowLogs
- ModifyBackupDownloadRestriction
- ModifyLocalBinlogConfig
- ModifyRemoteBackupConfig
- DescribeBackups
- DescribeBackupConfig
- DescribeBackupDecryptionKey
- DescribeBackupEncryptionStatus
- DescribeBinlogs
- ModifyBackupConfig
- ModifyBackupEncryptionStatus
- Database APIs
- Monitoring APIs
- Log-related API
- Data Types
- Error Codes
- FAQs
- Service Agreement
- Reference
- Glossary
- Contact Us
- Preset Plugin List
This document describes how to create a rule template in the console.
Note:
Starting from September 202325, the relationship between rule templates and audit instances has transitioned from initialization to strong association. Alterations to the rule template content will synchronously impact the audit rules applied to the instances bound to the said rule template.
A rule template allows up to 5 characteristic strings for a single parameter field, with each string being separated by vertical bar "|".
Directions
1. Log in to the TencentDB for MySQL console.
2. On the left sidebar, click Database Audit.
3. Select Region and click Rule Template.
4. In the template list, click Create Rule Template.
5. In the Create Rule Template window, set the following configuration items and click OK.
Parameter | Description |
Rule Template Name | This field can contain up to 30 letters, digits, and symbols -_./()[]()+=::@ and cannot start with a digit. |
Rule Content | This fields sets the rule content (parameter field, operator, characteristic string). For detailed instructions, see the Rule content details and examples. Note: Under the section of rule content, one can augment parameter fields by clicking on 'Add'. Within the operation column under the rule content, unnecessary parameter fields and conditions can be eliminated by clicking 'Delete'. However, at least one parameter field and condition must be retained. |
Risk Level | Select a risk level for the newly created rule template, with options including low risk, medium risk, and high risk. |
Alarm Policy | Choose an alarm policy for the newly created rule template, with options of either refraining from sending alarms or sending alarms. Note: Please go to TCOP->Alarm Management to set alarm rules and notifications. For detailed information, refer to Post-Event Alarm Configuration. |
Rule Template Remarks | This field can contain up to 200 letters, digits, and symbols-_./()[]()+=::@ and cannot start with a digit. |
Rule content details and examples
Note
You can configure one or multiple rules. Up to 5 rules can be configured.
Different rules are in AND relationship; that is, they need to be met at the same time.
Different characteristic strings in a rule are in OR relationship; that is, at least one of them needs to be met.
You can add only one operator for the same parameter field; for example, for the database name, the operator can be either Include or Exclude.
Parameter Field | Operator | Characteristic String |
Client IP | Include, Exclude, Equal to, Not equal to, Regex | Up to five client IPs can be configured and should be separated by vertical bar "|". When the operator is Regex, only one characteristic string can be entered. |
User Account | Include, Exclude, Equal to, Not equal to, Regex | Up to 5 user accounts can be configured, separated by English vertical bars. When the match type is regular expression, only one feature string is supported. |
Database Name | Include, Exclude, Equal to, Not equal to, Regex | Up to five database names can be configured and should be separated by vertical bar "|". When the operator is Regex, only one characteristic string can be entered. |
SQL Details | Include, Exclude | Up to five SQL commands can be configured and should be separated by vertical bar "|". |
SQL Type | Equal to, Not equal to | Up to five SQL types can be selected. Valid options: ALTER, CHANGEUSER, CREATE, DELETE, DROP, EXECUTE, INSERT, LOGIN, LOGOUT, OTHER, REPLACE, SELECT, SET, UPDATE. |
Affected Rows | Greater than, Less than | Select affected rows |
Returned Rows | Greater than, Less than | Select returned rows |
Scanned Rows | Greater than, Less than | Select scanned rows |
Execution Time | Greater than, Less than | Select execution time, with the unit being millisecond. |
Example: If the following rule content is set, the database name should include
a, b, or c, and the client IP should include IP1, 2 or 3, then the audit logs filtered by the rule are those where the database name includes a, b, or c and the client IP includes IP1, 2, or 3.
Yes
No
Was this page helpful?