[ https://issues.apache.org/jira/browse/CASSANDRA-14498?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16656894#comment-16656894 ]
Per Otterström commented on CASSANDRA-14498: -------------------------------------------- Thanks! The patch looks mostly good to me. There is one corner case that I'm not able to cover properly though; that is having audit logs on _all_ keyspaces. This is not possible to configure, I think, since it is not possible to have an empty {{excluded_keyspaces}} list in the yaml, and anything listed in {{included_keyspaces}} will be overruled by things in the {{excluded_keyspaces}} list. The only way around it would be to configure a single non-existing keyspace in the {{excluded_keyspaces}} list, but that doesn't feel quite right. Also, most out of curiosity, what's the reasoning for adding {{system_virtual_schema}} to the default exclude-list? > Audit log does not include statements on some system keyspaces > -------------------------------------------------------------- > > Key: CASSANDRA-14498 > URL: https://issues.apache.org/jira/browse/CASSANDRA-14498 > Project: Cassandra > Issue Type: Bug > Components: Auth > Reporter: Per Otterström > Assignee: Vinay Chella > Priority: Major > Labels: audit, lhf, security > Fix For: 4.0 > > Attachments: 14498-trunk.txt > > > Audit logs does not include statements on the "system" and "system_schema" > keyspace. > It may be a common use case to whitelist queries on these keyspaces, but > Cassandra should not make assumptions. Users who don't want these statements > in their audit log are still able to whitelist them with configuration. -- This message was sent by Atlassian JIRA (v7.6.3#76005) --------------------------------------------------------------------- To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org For additional commands, e-mail: commits-h...@cassandra.apache.org