Shulou(Shulou.com)06/02 Report--

Background

The database stores the core data of the system, and its security problems have become an important source of leakage and tampering in the traditional environment. In the cloud, the threat to the database is further magnified. Therefore, the operation of the cloud database, especially the audit log recorded by the full SQL, is particularly important, which is the most basic requirement to ensure the security of the cloud database. For the SQL audit of cloud database, do you have the following questions:

Does SQL audit have an impact on database performance?

The data has been tampered with, but without SQL auditing enabled, can the tamper be traced back?

Can SQL audit logs play a bigger role than tracking security issues? Can it help us gain insight into the implementation status, performance metrics and potential security problems of SQL?

If you use Aliyun's distributed relational database DRDS, congratulations, all of the above questions will be satisfactorily answered.

DRDS, a distributed relational database, combines with log service to launch SQL audit and analysis function, which not only supports the view of historical SQL records, but also provides real-time diagnostic and analysis capabilities for SQL implementation status, performance metrics, and security problems, giving you a comprehensive insight into SQL.

Functional advantage

Easy to operate: easy to configure and open, real-time audit and analysis of SQL logs.

History problem traceability: support one-click import history SQL log, trace the problem.

Lossless performance: real-time pull DRDS node SQL log file upload, support second delay, no impact on instance performance

Real-time analysis: relying on the log service, it provides SQL real-time analysis, out-of-the-box report center and supports custom report and drill-down analysis to gain a comprehensive insight into the implementation status, performance and security issues of SQL.

Real-time alarm: support customized quasi-real-time alarm based on specific metrics to ensure timely response to critical business anomalies.

Price advantage: the storage cost is lower than the traditional scheme, and the storage fee per GB log is as low as 0.58 yuan / month.

About the SQL log.

DRDS's SQL audit logs are pulled by a dedicated cluster in real-time and parallel to each node's SQL log files, and uploaded in batches to the user's own log database, which supports a second delay and has no impact on instance performance. The SQL audit log collection architecture is shown below:

Cdn.com/fc7afb2f866a573f136399e1d27062bf3068d2ef.png ">

In order to give you comprehensive insight into the SQL,DRDS SQL audit log, which provides complete SQL information, you can analyze and diagnose SQL in real time. SQL logs include, but are not limited to, the following information, as detailed in: log field.

DDL: SQL-based SQL that defines the database structure, such as CREATE, ALTER

DROP, TRUNCATE, COMMENT, etc.

DML:SQL operation statements, including SELECT, INSERT, UPDATE, DELETE, etc.

Other SQL execution, including any other controls performed through SQL, such as rollback, control, etc.

Failed execution of SQL

Time of SQL execution, number of rows affected

SQL template information, type information

Intra-transaction SQL association information

Application scenario

Import of historical data-provide users with an opportunity to take regret medicine

SQL audit usually exists in the form of value-added services in cloud databases, and small and medium-sized customers do not open it for cost reasons. However, once it is found that the data has been tampered with and wants to trace the tamper, it is too late to regret. The historical data import function of DRDS SQL audit and analysis provides these customers with an opportunity to take regret medicine! You can open the SQL audit log in the DRDS console and select Import Historical data to add the logs that occurred in the past to the scope of audit analysis and trace the data tamperers. DRDS will dynamically detect the range of historical data that supports import based on the storage of SQL logs on your instance node. Currently, you can import data within seven days at most.

Analysis of SQL execution status-- SQL implementation trend, type distribution and hot TABLE are clear at a glance

SQL performance analysis-slow SQL, high-cost SQL templates, large (long) transactions at a glance

SQL safety analysis-- dangerous SQL and mass operation.

Related reading

We will introduce DRDS SQL audit and analysis related best practices in the future, please look forward to it!

Relevant user manual information for reference-"Aliyun DRDS SQL Audit Log":

Brief introduction

Open SQL audit log

Log field

Log analysis

Log report

Senior management

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.