[ https://issues.apache.org/jira/browse/CASSANDRA-12151?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16458567#comment-16458567 ]
Jason Brown edited comment on CASSANDRA-12151 at 4/30/18 1:29 PM: ------------------------------------------------------------------ After rereading this patch, I've merged the FQL and AuditLog code paths as they do the same thing from the outside: record user-initiated events. To that end, I've moved the management of {{FullQueryLogger}} under {{AuditLogManager}}, thus making {{AuditLogManager}} the hub for logging these actions. Further, instead of {{BinAuditLogger}} inherit from {{FullQueryLogger}} (which never felt quite right), I've pulled the shared componentry into a base class ({{BinLogAuditLogger}}), and {{BinAuditLogger}} / {{FullQueryLogger}} inherit from that. I refactored {{AuditLogEntry}} to use the builder pattern for construction as all the {{static #getLogEntry()}} with the {{set*()}} methods was rather confusing. Further, we're using the builder pattern elsewhere in the code. {{#toString()}} is typically used for debugging, so I'd prefer a different method name - I used {{#getLogString()}}. If you want the debug dump to have the same output, you can have {{toString()}} call that renamed function. We need an extra filter in {{AuditLogManager#log(AuditLogEntry)}} to make sure we don't send unintended messages to FQL. Can you figure out what that is? I'm not sure if we can simply use the entry's {{AuditLogEntryType}} or the type's category. Why did you remove the reloadFilters functionality? I feel like the {{category}} in AuditLogEntryType should be an enum, as well. wdyt? I haven't looked at the circleci results yet for utests/dtests, but let's make sure this is right path forward first. UPDATE: branch (squashed as single patch) is [here|https://github.com/jasobrown/cassandra/tree/trunk_CASSANDRA-12151] was (Author: jasobrown): After rereading this patch, I've merged the FQL and AuditLog code paths as they do the same thing from the outside: record user-initiated events. To that end, I've moved the management of {{FullQueryLogger}} under {{AuditLogManager}}, thus making {{AuditLogManager}} the hub for logging these actions. Further, instead of {{BinAuditLogger}} inherit from {{FullQueryLogger}} (which never felt quite right), I've pulled the shared componentry into a base class ({{BinLogAuditLogger}}), and {{BinAuditLogger}} / {{FullQueryLogger}} inherit from that. I refactored {{AuditLogEntry}} to use the builder pattern for construction as all the {{static #getLogEntry()}} with the {{set*()}} methods was rather confusing. Further, we're using the builder pattern elsewhere in the code. {{#toString()}} is typically used for debugging, so I'd prefer a different method name - I used {{#getLogString()}}. If you want the debug dump to have the same output, you can have {{toString()}} call that renamed function. We need an extra filter in {{AuditLogManager#log(AuditLogEntry)}} to make sure we don't send unintended messages to FQL. Can you figure out what that is? I'm not sure if we can simply use the entry's {{AuditLogEntryType}} or the type's category. Why did you remove the reloadFilters functionality? I feel like the {{category}} in AuditLogEntryType should be an enum, as well. wdyt? I haven't looked at the circleci results yet for utests/dtests, but let's make sure this is right path forward first. > Audit logging for database activity > ----------------------------------- > > Key: CASSANDRA-12151 > URL: https://issues.apache.org/jira/browse/CASSANDRA-12151 > Project: Cassandra > Issue Type: New Feature > Reporter: stefan setyadi > Assignee: Vinay Chella > Priority: Major > Fix For: 4.x > > Attachments: 12151.txt, CASSANDRA_12151-benchmark.html, > DesignProposal_AuditingFeature_ApacheCassandra_v1.docx > > > we would like a way to enable cassandra to log database activity being done > on our server. > It should show username, remote address, timestamp, action type, keyspace, > column family, and the query statement. > it should also be able to log connection attempt and changes to the > user/roles. > I was thinking of making a new keyspace and insert an entry for every > activity that occurs. > Then It would be possible to query for specific activity or a query targeting > a specific keyspace and column family. -- This message was sent by Atlassian JIRA (v7.6.3#76005) --------------------------------------------------------------------- To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org For additional commands, e-mail: commits-h...@cassandra.apache.org