Query Audit
The Query Audit menu provides visibility into SQL activity captured by OneDB. It allows administrators to review database queries that pass through the OneDB gateway, including connection information, database user, client address, database type, schema, table, and query type.
This feature helps organizations improve database activity visibility, support security monitoring, and review how applications interact with protected databases.
Overview
Query Audit records database activity processed through OneDB. Each audit entry represents a captured query event and provides useful context for monitoring, troubleshooting, and security review.
Administrators can use this menu to identify which database connection was accessed, which user executed the query, where the request came from, and what type of SQL operation was performed.
Information Displayed
The Query Audit table may include the following information:
| Field | Description |
|---|---|
| Captured At | Shows the date and time when the query activity was captured by OneDB. |
| Connection Name | Shows the database connection profile associated with the captured query. |
| DB Username | Shows the database username used when the query was executed. |
| Client Address | Shows the client IP address and port that initiated the database request. |
| Database Type | Shows the database platform, such as Oracle, PostgreSQL, MySQL, or Microsoft SQL Server. |
| Schema | Shows the database schema related to the captured query, when available. |
| Table | Shows the table or object related to the captured query, when available. |
| Query Type | Shows the detected SQL operation type, such as SELECT, INSERT, UPDATE, DELETE, or other query types. |
Filtering Query Audit Records
The Filter function allows administrators to search and narrow down query audit records based on selected criteria.
Administrators can add one or more filter parameters by selecting:
| Filter Option | Description |
|---|---|
| Column | The audit column to be filtered, such as Connection Name, DB Username, Database Type, Schema, Table, or Query Type. |
| Operator | The comparison method used for filtering, such as exact match or partial match. |
| Value | The value used as the filter condition. |
Multiple filter parameters can be added to help administrators locate specific query activities more efficiently.
Common Use Cases
The Query Audit menu can be used for:
| Use Case | Description |
|---|---|
| Database Activity Review | Review SQL activity passing through OneDB. |
| Security Monitoring | Identify access to sensitive tables or protected database objects. |
| Troubleshooting | Check whether application queries are reaching the expected database connection. |
| User Activity Review | Review database activity based on database username or client address. |
| Query Type Analysis | Filter query activity by SQL operation type, such as SELECT, INSERT, UPDATE, or DELETE. |
Recommended Practice
Administrators should regularly review Query Audit records to understand database access patterns and detect unusual activity.
For better investigation, use filters to narrow down records by database connection, username, schema, table, query type, or client address.
Notes
- Query Audit records are generated from SQL traffic processed through OneDB.
- The availability of schema, table, and query type information may depend on the SQL statement structure and database engine behavior.
- Audit visibility may vary depending on enabled OneDB features, database type, and configured listener/connection settings.
- Query Audit should be used as part of broader database security monitoring and operational review.
