What resources are available to help harden a Zookeeper installation? What Zookeeper files should be watched with custom auditing rules? Reviewing the Zookeeper documentation we don't see many security configuration recommendations beyond the ACL section.
Background: we are running a 3 node Zookeeper for most projects under RHEL 7.7 Systems minimal installs with SELinux, FIPS, and STIG standards. Zookeeper we are using to support a 3 node Kafka installation. We are offloading Zookeeper logs to our Central Logging system. We are blocking the Zookeeper mangement tcp port 2181. thanks, Michael Angel
