You can specify what types of events generate entries in the Cyral data activity logs, and you can specify the tables, columns, fields, or endpoints that will be monitored.
Toggle this option ON to log all types of events including queries that query data, (DQL), manipulate data (DML), define schemas (DDL), as well as database transactions, privileged actions, suspicious actions, and policy violations.
Toggle this option ON to log all types of events including queries that query data, (DQL), manipulate data (DML), define schemas (DDL), as well as database transactions. To log only a subset of data actions, toggle this checkbox OFF and then toggle on the DQL, DML, and/or DDL checkboxes. For each, you can choose:
- all requests to log every action of the selected type, regardless of the database object affected; or
- logged fields to log only those actions that affect the fields you've specified in the Logged fields section at the bottom of the Log Settings tab.
Log all data repository administration actions, such as creating or dropping users from a database.
Toggle this option ON to log all types of suspicious activity To log only a subset of activity types, toggle this checkbox OFF and then toggle on one or more of:
- port scans: Logs any suspected attempt to find open database ports on the repository.
- authentication failures: Log each time a user’s authentication attempt fails.
- full scan: Log each time a user performs a full table scan or full collection scan.
Log only actions that violate your Cyral policies.
Create a log entry each time a user connects to or disconnects from the repository.
This results in log entries with
Specified the schemas, tables, and/or columns that will be monitored for activity. Use these settings in conjuction with the Data activity settings in the top half of the Log Settings page.