[ https://issues.apache.org/jira/browse/CASSANDRA-14498?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16657478#comment-16657478 ]
Vinay Chella commented on CASSANDRA-14498: ------------------------------------------ Thanks for reviewing the patch [~eperott] {quote}There is one corner case that I'm not able to cover properly though; that is having audit logs on all keyspaces. {quote} You could have an empty {{excluded_keyspaces}} in yaml without mentioning any keyspaces. e.g., {code:java} excluded_keyspaces: "" {code} {quote}Also, most out of curiosity, what's the reasoning for adding system_virtual_schema to the default exclude-list? {quote} {{system_virtual_schema}} was introduced as part of CASSANDRA-7622, these column families tend to get queries from tools which are often at high frequency and generates a lot of audit messages from internal tools. However, if an operator decides to audit this keyspace they can do that from {{cassandra.yaml}} file Let me know if this does not satisfy your requirements. > Audit log does not include statements on some system keyspaces > -------------------------------------------------------------- > > Key: CASSANDRA-14498 > URL: https://issues.apache.org/jira/browse/CASSANDRA-14498 > Project: Cassandra > Issue Type: Bug > Components: Auth > Reporter: Per Otterström > Assignee: Vinay Chella > Priority: Major > Labels: audit, lhf, security > Fix For: 4.0 > > Attachments: 14498-trunk.txt > > > Audit logs does not include statements on the "system" and "system_schema" > keyspace. > It may be a common use case to whitelist queries on these keyspaces, but > Cassandra should not make assumptions. Users who don't want these statements > in their audit log are still able to whitelist them with configuration. -- This message was sent by Atlassian JIRA (v7.6.3#76005) --------------------------------------------------------------------- To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org For additional commands, e-mail: commits-h...@cassandra.apache.org