Li, Qiao
6eff629de3
Reviewed-by: Belejkanic, Lukas <lukas.belejkanic@t-systems.com> Co-authored-by: Li, Qiao <qiaoli@huawei.com> Co-committed-by: Li, Qiao <qiaoli@huawei.com>
3.5 KiB
Functions
Database audit delivers functions such as user behavior detection and audit, multi-dimensional lead analysis, real-time alarms, and reports.
- User Behavior Detection and Audit
- Associates access operations in the application layer with those in the database layer.
- Uses built-in or user-defined privacy data protection rules to mask private data (such as accounts and passwords) in audit logs displayed on the console.
- Multi-dimensional Lead Analysis
- Behavior analysis
Supports analysis in multiple dimensions, such as audit duration, statement quantity, risk quantity, risk distribution, session statistics, and SQL distribution.
- Session analysis
Conducts analysis based on time, user, IP address, and client.
- Statement analysis
Provides multiple search criteria, such as time, risk severity, user, client IP address, database IP address, operation type, and rule.
- Behavior analysis
- Real-time Alarms for Risky Operations and SQL Injection
- Risky operation
Defines a risky operation in fine-grained dimensions such as operation type, operation object, and risk severity.
- SQL injection
Provides an SQL injection library, which facilitates alarm reporting for database exceptions based on the SQL command feature or risk severity.
- System resource
Reports alarms when the usage of system resources (CPU, memory, and disk) reaches configured threshold.
- Risky operation
- Fine-grained Reports for Various Abnormal Behaviors