Configuring auditing for a DSE Search/Solr cluster
The filter-mapping element in the Solr web.xml file enables auditing.
The filter-mapping element in the Solr web.xml file enables auditing
By default, DSE Search/Solr nodes need no configuration for data auditing except setting up the log4j-server.properties file. If the filter-mapping element in the Solr web.xml file is commented out, the auditor cannot log anything from Solr and you need to configure auditing as described in the next section.
Procedure
If necessary, uncomment the filter-mapping element in the Solr web.xml.
<filter-mapping> <filter-name>DseAuditLoggingFilter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping>
The Solr web.xml is located in the following directory:
- Installer-Services and Package installations: /usr/share/dse/solr/web/solr/WEB-INF/web.xml
- Installer-No Services and Tarball installations: install_location/resources/solr/web/solr/WEB-INF/web.xml
Solr Audit Log example
Here is an example of the data audit log of a Solr query:
host:/10.245.214.159|source:127.0.0.1|user:jdoe|timestamp:1356045339910|category:QUERY |type:SOLR_QUERY|ks:wiki|cf:solr|operation:/wiki.solr/select/?q=body:trains