Setting SQL Audit

Function

This API is used to set a policy for SQL audit logs.

  • Before calling an API, you need to understand the API in Authentication.

  • Before calling this API, obtain the required region and endpoint.

Constraints

This API is supported for MySQL only.

URI

  • URI format

    PUT https://{Endpoint}/v3/{project_id}/instances/{instance_id}/auditlog-policy

  • Parameter description

    Table 1 Parameter description

    Name

    Mandatory

    Description

    project_id

    Yes

    Specifies the project ID of a tenant in a region.

    For details about how to obtain the project ID, see Obtaining a Project ID.

    instance_id

    Yes

    Specifies the DB instance ID.

Request

  • Parameter description

    Table 2 Parameter description

    Name

    Mandatory

    Type

    Description

    keep_days

    Yes

    Integer

    Specifies the number of days for storing audit logs. The value range is from 0 to 732.

    • 0: indicates that SQL audit is disabled.

    • 1 to 732: indicates the retention days for audit logs after SQL audit is enabled.

    reserve_auditlogs

    No

    Boolean

    This parameter is valid only when SQL audit is disabled.

    • true (default value): indicates that historical audit logs are retained when SQL audit is disabled.

    • false: indicates that existing historical audit logs are deleted when SQL audit is disabled.

  • Request example

    PUT https://{Endpoint}/v3/0483b6b16e954cb88930a360d2c4e663/instances/cee5265e1e5845649e354841234567dfin01/auditlog-policy
    

    Update the policy for SQL audit logs:

    {
        "keep_days":5
    }
    

    Disable the policy for SQL audit logs:

    {
        "keep_days":0,
        "reserve_auditlogs":false
    }
    

Response

Status Code

Error Code

For details, see Error Codes.