Functions

Database audit delivers functions such as user behavior detection and audit, multi-dimensional lead analysis, real-time alarms, and reports.

• User Behavior Detection and Audit
  • Associates access operations in the application layer with those in the database layer.
  • Uses built-in or user-defined privacy data protection rules to mask private data (such as accounts and passwords) in audit logs displayed on the console.
• Multi-dimensional Lead Analysis
  • Behavior analysis

    Supports analysis in multiple dimensions, such as audit duration, statement quantity, risk quantity, risk distribution, session statistics, and SQL distribution.

  • Session analysis

    Conducts analysis based on time, user, IP address, and client.

  • Statement analysis

    Provides multiple search criteria, such as time, risk severity, user, client IP address, database IP address, operation type, and rule.

• Real-time Alarms for Risky Operations and SQL Injection
  • Risky operation

    Defines a risky operation in fine-grained dimensions such as operation type, operation object, and risk severity.

  • SQL injection

    Provides an SQL injection library, which facilitates alarm reporting for database exceptions based on the SQL command feature or risk severity.

  • System resource

    Reports alarms when the usage of system resources (CPU, memory, and disk) reaches configured threshold.

• Fine-grained Reports for Various Abnormal Behaviors
  • Session behavior

    Provides session analysis report of the client and database users.

  • Risky operation

    Provides the risk distribution and analysis report.