OceanBase

A unified distributed database ready for your transactional, analytical, and AI workloads.

Product Overview

DEPLOY YOUR WAY

OceanBase Cloud

The best way to deploy and scale OceanBase

OceanBase Enterprise

Run and manage OceanBase on your infra

TRY OPEN SOURCE

OceanBase Community Edition

The free, open-source distributed database

OceanBase seekdb

Open source AI native search database

Customer Stories

Real-world success stories from enterprises across diverse industries.

View All

BY USE CASES

Mission-Critical Transactions

Global & Multicloud Application

Elastic Scaling for Peak Traffic

Real-time Analytics

Active Geo-redundancy

Database Consolidation

Comprehensive knowledge hub for OceanBase.

Blog

Live Demos

Training & Certification

Documentation

Official technical guides, tutorials, API references, and manuals for all OceanBase products.

View All

PRODUCTS

OceanBase Cloud

OceanBase Database

Tools Connectors and Middleware

QUICK START

OceanBase Cloud OceanBase Database

BEST PRACTICES

Practical guides for utilizing OceanBase more effectively and conveniently

Learn more about OceanBase – our company, partnerships, and trust and security initiatives.

About OceanBase

Partner

Trust Center

Document Feedback

Overview

Last Updated：2026-05-07 11:26:25 Updated

OceanBase Database uses a series of filters to audit specific events. The filters can filter events based on dimensions such as account and event type. Each filter can choose whether to audit the filtered events.

Applicability

This topic applies only to OceanBase Database Enterprise Edition. OceanBase Database Community Edition does not support audit features.

Audit functions

Note

You can set a default filter to apply to all users that have not explicitly set a filter.

The following table lists the audit functions (expressions) supported in OceanBase Database MySQL mode.

Function	Description
AUDIT_LOG_FILTER_SET_FILTER	Creates a filter.
AUDIT_LOG_FILTER_SET_USER	Sets a filter to a user.
AUDIT_LOG_FILTER_REMOVE_USER	Removes a filter from a user.
AUDIT_LOG_FILTER_REMOVE_FILTER	Removes a filter.

Limitations and considerations

Expressions must be directly and uniquely placed in a SELECT statement's output column (select item) without any parent expressions.
Expressions cannot be written in subqueries.
After a filter is defined, it must be set to a user for it to take effect.
The relationship between filters and users is one-to-many. A single filter can be set to multiple users, but a user can only have one filter.
When a connection is established, the audit filter (Audit Filter) used by the current session is determined and remains unchanged throughout the session.
- Calling AUDIT_LOG_FILTER_SET_USER and AUDIT_LOG_FILTER_REMOVE_USER to modify the binding between a filter and a user does not affect the currently connected session.
- Modifying the definition of a filter or deleting a filter affects the currently connected session.
AUDIT_LOG_FILTER_REMOVE_FILTER will cascade delete the binding between the filter and all audit users, and operations under these users will no longer be audited.

Previous topic

TOKENIZE

Last

Next topic

AUDIT_LOG_FILTER_REMOVE_FILTER