Enable audit logging to a file
Use Simple Logging Facade for Java (SLF4J
) audit writer (SLF4JAuditWriter
) logger to record all database activity that occurs on the local node to the audit.log file.
Secure the log file by controlling access using standard Linux file system permissions.
Hyper-Converged Database (HCD) does not support data encryption for the audit.log file.
Encryption is only available for the |
audit.log
The location of the audit.log
file is:
-
/var/log/cassandra/audit/audit.log
To capture events to the audit.log file:
-
Locate the
cassandra.yaml
configuration file. The location of this file depends on your installation type.-
Package installations
-
Tarball installations
/etc/hcd/cassandra/cassandra.yaml
INSTALLATION_LOCATION/resources/cassandra/conf/cassandra.yaml
Replace INSTALLATION_LOCATION with the path where you extracted the HCD tarball.
-
-
Set the
audit_logging_options
in thecassandra.yaml
file:audit_logging_options: enabled: true logger: - class_name: SLF4JAuditWriter
In the Cassandra log directory, HCD creates audit/audit.log
.
After the log file reaches the configured size threshold, it rolls over, and the log file name is changed.
The file names include a numerical suffix that is determined by the maxBackupIndex
property.