Managing the Audit Logger Settings
The logback.xml
file sets the SLF4JAuditWriter
log file configuration including location, name, roll frequency and retention, and level.
<!--audit log-->
<appender name="SLF4JAuditWriterAppender" class="ch.qos.logback.core.rolling.RollingFileAppender">
<file>${cassandra.logdir}/audit/audit.log</file> <!-- logfile location -->
<encoder>
<pattern>%-5level [%thread] %date{ISO8601} %F:%L - %msg%n</pattern> <!-- the layout pattern used to format log entries -->
<immediateFlush>true</immediateFlush>
</encoder>
<rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
<fileNamePattern>${cassandra.logdir}/audit/audit.log.%i.zip</fileNamePattern>
<minIndex>1</minIndex>
<maxIndex>20</maxIndex> <!-- max number of archived logs that are kept -->
</rollingPolicy>
<triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
<maxFileSize>200MB</maxFileSize> <!-- The size of the logfile that triggers a switch to a new logfile, and the current one archived -->
</triggeringPolicy>
</appender>
<logger name="SLF4JAuditWriter" level="INFO" additivity="false">
<appender-ref ref="SLF4JAuditWriterAppender"/>
</logger>
Most database activity level is |
Procedure
-
Locate the
logback.xml
file. The location of this file depends on the type of installation:-
Package installations:
/etc/dse/cassandra/logback.xml
-
Tarball installations:
<installation_location>/resources/cassandra/conf/logback.xml
-
-
Open the
logback.xml
file in a text editor. -
To configure data auditing, change the properties.
-
file
- Path to log file on the location system. -
pattern
- Variables to write the log message. To hide sensitive data, see Replacing sensitive data in the audit log. -
immediateFlush
- Whether to write event message to log immediately or not. -
fileNamePattern
- Name convention for the log file when they roll. -
maxFileSize
- Threshold to roll log (maximum log size).
-
-
Restart the node or wait for the configuration to automatically reload.