[
https://issues.apache.org/jira/browse/CASSANDRA-12151?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16412272#comment-16412272
]
Dinesh Joshi commented on CASSANDRA-12151:
------------------------------------------
Hey [~vinaykumarcse],
# {{AuditLogEntry.host}} - this should be final. You should use
{{FBUtilities::getBroadcastAddressAndPort}} instead for completeness sake.
# {{AuditLogEntry}} - variables {{source, srcPort, user, type}} could be made
final
# {{AuditLogEntry}} - line 47 Do you need to create a new Date object for each
entry? How about using {{System.currentTimeMillis()}} instead?
# {{AuditLogFilter.logger}} - this needs to be private
# {{AuditLogFilter::loadFilters}} - consider using {{private volatile
ImmutableSet}} instead of {{AtomicReferences}} to mutable sets. The class
invariant should be that once constructed none of the sets should be null.
# Initialization can be simplified like this - {{excludedUsers =
ImmutableSet.of(DatabaseDescriptor.getAuditLoggingOptions().excluded_users.split(","));}}
# Make {{AuditLogFilter}} constructor private
# {{AuditLogFilter}}'s constructor - Do not call a public overridable method
{{loadFilters}} in a constructor. See:
[https://wiki.sei.cmu.edu/confluence/display/java/MET05-J.+Ensure+that+constructors+do+not+call+overridable+methods]
# {{AuditLogFilter:: isFiltered}} - You can return directly at line 137 and
get rid of {{isExcluded}} variable You can get rid of {{isIncluded}} as well
and return at line 148. Let the control fall through to line 153 and it will
return false. Furthermore, If you check the sets during initialization and
ensure that they're mutually exclusive, your logic simplifies to {{if
(includedSet.contains(object)) return false; else if
(excludedSet.contains(object)}) return true;}}
# {{AuditLogManager.logger}} - this needs to be private
# {{AuditLogManager::logError}} - get rid of this method as it is not used
anywhere
# {{AuditLogUtil.DEFAULT_SOURCE}} - this should be {{0.0.0.0/0}} for IPv4 and
{{::/0}} for IPv6. This are used to represent "unknown or unspecified"
addresses.
# {{IAuditLogContext.AuditLogContext}} - please make all the class variables
final.
# {{CreateTypeStatement, AlterTypeStatement, DropTypeStatement}} all have
{{getStringTypeName}}. Since it's not being used anywhere except inside the
class, you can get rid of it.
> Audit logging for database activity
> -----------------------------------
>
> Key: CASSANDRA-12151
> URL: https://issues.apache.org/jira/browse/CASSANDRA-12151
> Project: Cassandra
> Issue Type: New Feature
> Reporter: stefan setyadi
> Assignee: Vinay Chella
> Priority: Major
> Fix For: 4.x
>
> Attachments: 12151.txt, CASSANDRA_12151-benchmark.html,
> DesignProposal_AuditingFeature_ApacheCassandra_v1.docx
>
>
> we would like a way to enable cassandra to log database activity being done
> on our server.
> It should show username, remote address, timestamp, action type, keyspace,
> column family, and the query statement.
> it should also be able to log connection attempt and changes to the
> user/roles.
> I was thinking of making a new keyspace and insert an entry for every
> activity that occurs.
> Then It would be possible to query for specific activity or a query targeting
> a specific keyspace and column family.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org
For additional commands, e-mail: commits-h...@cassandra.apache.org
