Security Configuration

enable_security_policy

Parameter description: Specifies whether the unified audit and dynamic data masking policies take effect.

This is a SIGHUP parameter. Set it based on instructions provided in Table 1.

Value range: Boolean

on: The security policy is enabled.

off: The security policy is disabled.

Default value: off

use_elastic_search

Parameter description: Specifies whether to send unified audit logs to Elasticsearch. If enable_security_policy and this parameter are enabled, unified audit logs are sent to Elasticsearch through HTTP or HTTPS (used by default). After this parameter is enabled, ensure that the Elasticsearch service corresponding to elastic_search_ip_addr can be properly connected. Otherwise, the process fails to be started.

This is a POSTMASTER parameter. Set it based on instructions in Table 1.

Value range: Boolean

on: Unified audit logs are sent to Elasticsearch.

off: Unified audit logs are not sent to Elasticsearch.

Default value: off

elastic_search_ip_addr

Parameter description: Specifies the IP address of the Elasticsearch system.

This is a POSTMASTER parameter. Set it based on instructions in Table 1.

Value range: a string

Default value: 'https:127.0.0.1'

is_sysadmin

Parameter description: Specifies whether the current user is an initial user.

This parameter is a fixed INTERNAL parameter and cannot be modified.

Value range: Boolean

on indicates that the user is an initial user.

off indicates that the user is not an initial user.

Default value: off