Filter roles
Locate the cassandra.yaml
configuration file. The location of this file depends on your installation type.
-
Package installations
-
Tarball installations
/etc/hcd/cassandra/cassandra.yaml
INSTALLATION_LOCATION/resources/cassandra/conf/cassandra.yaml
Replace INSTALLATION_LOCATION with the path where you extracted the HCD tarball.
Set up activity tracking of specific login roles in the audit_logging_options section of the cassandra.yaml
.
audit_logging_options:
enabled: true
logger:
- class_name: LOGGER_NAME
# included_categories:
# excluded_categories:
# included_keyspaces:
# excluded_keyspaces:
# included_roles:
# excluded_roles:
where LOGGER_NAME
is SLF4JAuditWriter
or CassandraAuditWriter
.
By default, both roles parameters are commented out and therefore events are captured for all roles. Use only one of the following parameters to limit the roles whose activity is tracked:
-
included_roles
: Includes only matching roles; excludes all others. -
excluded_roles
: Excludes matching roles; includes all others.
Match roles using a comma-separated list of names.
Example
Events of all roles except for hcd_admin
and jim
are captured.
audit_logging_options:
enabled: true
logger:
- class_name: CassandraAuditWriter
# included_categories:
# excluded_categories:
# included_keyspaces:
# excluded_keyspaces:
# included_roles:
excluded_roles: hcd_admin, jim