cassandra-commits mailing list archives

From "Stefan Podkowinski (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (CASSANDRA-12151) Audit logging for database activity
Date Mon, 09 Apr 2018 12:26:00 GMT

    [ https://issues.apache.org/jira/browse/CASSANDRA-12151?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16430448#comment-16430448 ]

Stefan Podkowinski commented on CASSANDRA-12151:
------------------------------------------------

I've now managed to update CASSANDRA-13668 by implementing IAuditLogger and exposing audit events
as diagnostic events via native transport to subscribed clients. Went pretty much as expected
and seems to work fine.

Smaller issues I've come across:
 * AuditLogUtil doesn't look very useful. DEFAULT_SOURCE is only used once, SYSTEM_USER not at all.
 * Do we really want to keep IAuditLogger.error()? Please provide a description of the log/error semantics in context with audit logging for possible subclasses, or get rid of error().
 * AuditLogFilter.isFiltered(): proposed logic will ignore includeSet if excludeSet is provided (may not make sense to do so, but not strictly forbidden by cassandra.yaml either), e.g. exclude(A), include(A,B,C) should only have B,C pass
There are also a couple of limitations:
 * Username will not be provided for failed authentications
 * Bound values will not get logged for prepared statements

I haven't found a quick way to work around these, but being able to avoid the audit log by
using prepared statements is something we have to address. It's probably not going to be
that much of an issue for my use case logging ad-hoc commands for regular users, once we have
CASSANDRA-8303 and can disable prepared statements for them. But for logging all activity for
application users, I don't know.

 
 [~laxmikant99]
{quote}Can we have a configurable property like exitOnAuditFailure ? This fulfills requirement
of strict auditing .. I mean in case auditing fails for a db operation, then the operation
should not get executed.
{quote}
Any logging to the BinLogger should block by default. But it doesn't exit the JVM.

> Audit logging for database activity
> -----------------------------------
>
>                 Key: CASSANDRA-12151
>                 URL: https://issues.apache.org/jira/browse/CASSANDRA-12151
>             Project: Cassandra
>          Issue Type: New Feature
>            Reporter: stefan setyadi
>            Assignee: Vinay Chella
>            Priority: Major
>             Fix For: 4.x
>
>         Attachments: 12151.txt, CASSANDRA_12151-benchmark.html, DesignProposal_AuditingFeature_ApacheCassandra_v1.docx
>
>
> we would like a way to enable cassandra to log database activity being done on our server.
> It should show username, remote address, timestamp, action type, keyspace, column family, and the query statement.
> it should also be able to log connection attempt and changes to the user/roles.
> I was thinking of making a new keyspace and insert an entry for every activity that occurs.
> Then It would be possible to query for specific activity or a query targeting a specific keyspace and column family.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
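
The include/exclude precedence raised for AuditLogFilter.isFiltered() in the comment above, as an added example that is not part of the original message and not code from the Cassandra patch. The class and method names are hypothetical, the first method is reconstructed only from the behaviour the comment describes, and it is assumed that a return value of true means the event is dropped and that an empty include set means "no restriction".

```java
import java.util.List;
import java.util.Set;

// Added illustration; not Cassandra's AuditLogFilter. All names are hypothetical.
public class AuditFilterSketch {

    // Behaviour the comment describes: once an exclude set is configured,
    // the include set is never consulted.
    static boolean isFilteredExcludeOnly(String name, Set<String> include, Set<String> exclude) {
        if (!exclude.isEmpty()) {
            return exclude.contains(name);
        }
        return !include.isEmpty() && !include.contains(name);
    }

    // Semantics the comment asks for: exclusion wins, and the include set
    // still restricts everything that was not excluded.
    // Assumption: an empty include set means "no restriction".
    static boolean isFiltered(String name, Set<String> include, Set<String> exclude) {
        if (exclude.contains(name)) {
            return true;
        }
        return !include.isEmpty() && !include.contains(name);
    }

    public static void main(String[] args) {
        // Configuration from the comment: exclude(A), include(A,B,C).
        Set<String> include = Set.of("A", "B", "C");
        Set<String> exclude = Set.of("A");

        // Constructed sample of names seen in audit events; D is in neither set.
        List<String> seen = List.of("A", "B", "C", "D");

        for (String name : seen) {
            boolean droppedExcludeOnly = isFilteredExcludeOnly(name, include, exclude);
            boolean droppedCombined = isFiltered(name, include, exclude);
            System.out.printf("%s: exclude-only logic logs=%b, combined logic logs=%b%n",
                    name, !droppedExcludeOnly, !droppedCombined);
        }
    }
}
```

With this configuration the two methods disagree only on D, which is in neither set: the exclude-only logic lets it through, while the combined logic passes just B and C.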
