[jira] [Commented] (CASSANDRA-12151) Audit logging for database activity

[Vinay Chella (JIRA)]

    [ 
https://issues.apache.org/jira/browse/CASSANDRA-12151?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16435109#comment-16435109
 ] 

Vinay Chella commented on CASSANDRA-12151:
------------------------------------------

Hi [~spo...@gmail.com],

Updated the PR with comments provided. {{SYSTEM_USER}} is used in our internal 
backport for thrift code path, I removed it on trunk. I intended to use 
{{IAuditLogger.error()}} initially in error scenarios, but I ended up using 
{{IAuditLogger.log()}}, hence removed it, if any use case comes up, we can add 
it back. Fixed and added more test cases for {{AuditLogFilter.isFiltered()}} to 
address the scenarios you requested.
{quote}Username will not be provided for failed authentications
{quote}
Below is the sample audit statement on failed authentications, username is 
provided as part of the audit log. Are you referring to something else?


{code:java}
INFO [Native-Transport-Requests-1] 2018-04-12 00:37:20,284 
FileAuditLogger.java:35 - 
user:system|host:127.0.0.1:7000|source:/127.0.0.1|port:64481|timestamp:1523518640284|type:LOGIN_ERROR|category:AUTH|operation:LOGIN
 FAILURE; Provided username vchella and/or password are incorrect
{code}


> Audit logging for database activity
> -----------------------------------
>
>                 Key: CASSANDRA-12151
>                 URL: https://issues.apache.org/jira/browse/CASSANDRA-12151
>             Project: Cassandra
>          Issue Type: New Feature
>            Reporter: stefan setyadi
>            Assignee: Vinay Chella
>            Priority: Major
>             Fix For: 4.x
>
>         Attachments: 12151.txt, CASSANDRA_12151-benchmark.html, 
> DesignProposal_AuditingFeature_ApacheCassandra_v1.docx
>
>
> we would like a way to enable cassandra to log database activity being done 
> on our server.
> It should show username, remote address, timestamp, action type, keyspace, 
> column family, and the query statement.
> it should also be able to log connection attempt and changes to the 
> user/roles.
> I was thinking of making a new keyspace and insert an entry for every 
> activity that occurs.
> Then It would be possible to query for specific activity or a query targeting 
> a specific keyspace and column family.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org
For additional commands, e-mail: commits-h...@cassandra.apache.org