[ 
https://issues.apache.org/jira/browse/CASSANDRA-12151?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16430448#comment-16430448
 ] 

Stefan Podkowinski edited comment on CASSANDRA-12151 at 4/9/18 1:08 PM:
------------------------------------------------------------------------

I've now managed to update CASSANDRA-13668 by implementing IAuditLogger and 
exposing audit events as diagnostic events via native transport to subscribed 
clients. Went pretty much as expected and seems to work fine.

Smaller issues I've come across:
 * AuditLogUtil doesn't look very useful. DEFAULT_SOURCE is only used once, 
SYSTEM_USER not at all.
 * Do we really want to keep IAuditLogger.error()? Please provide a description 
of the log/error semantics in context with audit logging for possible 
subclasses, or get rid of error().
 * AuditLogFilter.isFiltered(): proposed logic will ignore includeSet if 
excludeSet is provided (may not make sense to do so, but not strictly forbidden 
by cassandra.yaml either), e.g. exclude(A), include(A,B,C) should only have B,C 
pass.

There are also a couple of limitations:
 * Username will not be provided for failed authentications
 * Bound values will not get logged for prepared statements (as already pointed 
out in this ticket's discussion)

I haven't found a quick way to work around these, but being able to avoid the 
audit log by using prepared statements is something we have to address. It's 
probably not going to be that much of an issue for my use case, logging ad-hoc 
commands for regular users, once we have CASSANDRA-8303 and can disable 
prepared statements for them. But for logging all activity for application 
users, I don't know.

 
 [~laxmikant99]
{quote}Can we have a configurable property like exitOnAuditFailure ? This 
fulfills requirement of strict auditing .. I mean in case auditing fails for a 
db operation, then the operation should not get executed.
{quote}
Any logging to the BinLogger should block by default. But it doesn't exit the 
JVM.


was (Author: spo...@gmail.com):
I've now managed to update CASSANDRA-13668 by implementing IAuditLogger and 
exposing audit events as diagnostic events via native transport to subscribed 
clients. Went pretty much as expected and seems to work fine.

Smaller issues I've come across:
 * AuditLogUtil doesn't look very useful. DEFAULT_SOURCE is only used once, 
SYSTEM_USER not at all.
 * Do we really want to keep IAuditLogger.error()? Please provide a description 
of the log/error semantics in context with audit logging for possible 
subclasses, or get rid of error().
 * AuditLogFilter.isFiltered(): proposed logic will ignore includeSet if 
excludeSet is provided (may not make sense to do so, but not strictly forbidden 
by cassandra.yaml either), e.g. exclude(A), include(A,B,C) should only have B,C 
pass.

There are also a couple of limitations:
 * Username will not be provided for failed authentications
 * Bound values will not get logged for prepared statements

I haven't found a quick way to work around these, but being able to avoid the 
audit log by using prepared statements is something we have to address. It's 
probably not going to be that much of an issue for my use case, logging ad-hoc 
commands for regular users, once we have CASSANDRA-8303 and can disable 
prepared statements for them. But for logging all activity for application 
users, I don't know.

 
 [~laxmikant99]
{quote}Can we have a configurable property like exitOnAuditFailure ? This 
fulfills requirement of strict auditing .. I mean in case auditing fails for a 
db operation, then the operation should not get executed.
{quote}
Any logging to the BinLogger should block by default. But it doesn't exit the 
JVM.
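The include/exclude point raised above about AuditLogFilter.isFiltered() is easy to miss in prose, so here is an added, stand-alone Java illustration. It is not Cassandra's code and not the patch under review: the class name AuditFilterExample, the two methods and the sample keyspace names are assumptions made for the example. isFilteredProposed() encodes the behaviour the comment describes (includeSet is never consulted once an excludeSet exists); isFiltered() encodes the semantics the comment asks for (exclude always wins, and a non-empty include acts as an allow-list). The interesting case is a target such as "D" that is in neither set: with exclude(A) and include(A,B,C) it should be filtered, but the proposed logic lets it through, which silently widens what is left out of the audit log.

```java
import java.util.Arrays;
import java.util.Collections;
import java.util.HashSet;
import java.util.Set;

/**
 * Hypothetical include/exclude filter (example code, not Cassandra's AuditLogFilter).
 * A target "passes" when it should be audited; "filtered" means it is dropped from the log.
 */
public final class AuditFilterExample
{
    private final Set<String> includeSet;
    private final Set<String> excludeSet;

    public AuditFilterExample(Set<String> includeSet, Set<String> excludeSet)
    {
        // Treat a missing set the same as an empty one, as cassandra.yaml would for an unset option.
        this.includeSet = includeSet == null ? Collections.emptySet() : new HashSet<>(includeSet);
        this.excludeSet = excludeSet == null ? Collections.emptySet() : new HashSet<>(excludeSet);
    }

    /**
     * Proposed logic as described in the comment: as soon as an excludeSet is configured,
     * includeSet is ignored entirely. Anything outside excludeSet passes, even if it is
     * also outside includeSet.
     */
    public boolean isFilteredProposed(String target)
    {
        if (!excludeSet.isEmpty())
            return excludeSet.contains(target);
        return !includeSet.isEmpty() && !includeSet.contains(target);
    }

    /**
     * Intended semantics: an explicit exclude always wins; if an includeSet is given,
     * only its members pass; with neither set, everything passes.
     */
    public boolean isFiltered(String target)
    {
        if (excludeSet.contains(target))
            return true;
        return !includeSet.isEmpty() && !includeSet.contains(target);
    }

    public static void main(String[] args)
    {
        // Constructed configuration matching the comment's example: exclude(A), include(A,B,C).
        Set<String> include = new HashSet<>(Arrays.asList("A", "B", "C"));
        Set<String> exclude = Collections.singleton("A");
        AuditFilterExample filter = new AuditFilterExample(include, exclude);

        // "D" is a constructed keyspace that appears in neither set.
        for (String keyspace : new String[] { "A", "B", "C", "D" })
        {
            System.out.printf("%s: proposed=%s intended=%s%n",
                              keyspace,
                              filter.isFilteredProposed(keyspace) ? "filtered" : "pass",
                              filter.isFiltered(keyspace) ? "filtered" : "pass");
        }
    }
}
```

Running main() shows A filtered and B, C passing under both variants, while D passes under the proposed logic and is filtered under the intended one; that last row is the divergence the comment is pointing at.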

> Audit logging for database activity
> -----------------------------------
>
>                 Key: CASSANDRA-12151
>                 URL: https://issues.apache.org/jira/browse/CASSANDRA-12151
>             Project: Cassandra
>          Issue Type: New Feature
>            Reporter: stefan setyadi
>            Assignee: Vinay Chella
>            Priority: Major
>             Fix For: 4.x
>
>         Attachments: 12151.txt, CASSANDRA_12151-benchmark.html, 
> DesignProposal_AuditingFeature_ApacheCassandra_v1.docx
>
>
> we would like a way to enable cassandra to log database activity being done 
> on our server.
> It should show username, remote address, timestamp, action type, keyspace, 
> column family, and the query statement.
> it should also be able to log connection attempt and changes to the 
> user/roles.
> I was thinking of making a new keyspace and insert an entry for every 
> activity that occurs.
> Then It would be possible to query for specific activity or a query targeting 
> a specific keyspace and column family.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
