Enable audit logging to a file
Use Simple Logging Facade for Java (SLF4J
) audit writer (SLF4JAuditWriter
) logger to record all database activity that occurs on the local node to the audit.log file.
Secure the log file by controlling access using standard Linux file system permissions.
DSE does not support data encryption for the audit.log file.
Encryption is only available for the |
audit.log
The location of the audit.log
file is:
-
/var/log/cassandra/audit/audit.log
To capture events to the audit.log file:
-
Locate the
dse.yaml
configuration file. The location of this file depends on the type of installation:-
Package installations:
/etc/dse/dse.yaml
-
Tarball installations:
<installation_location>/resources/dse/conf/dse.yaml
-
-
Set the
audit_logging_options
in thedse.yaml
file:
audit_logging_options:
enabled: true
logger: SLF4JAuditWriter
In the Cassandra log directory, DataStax Enterprise creates audit/audit.log
.
After the log file reaches the configured size threshold, it rolls over, and the log file name is changed.
The file names include a numerical suffix that is determined by the maxBackupIndex
property.