You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cassandra.apache.org by "stefan setyadi (JIRA)" <ji...@apache.org> on 2016/08/01 07:49:20 UTC
[jira] [Commented] (CASSANDRA-12151) Audit logging for database
activity
[ https://issues.apache.org/jira/browse/CASSANDRA-12151?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15401669#comment-15401669 ]
stefan setyadi commented on CASSANDRA-12151:
--------------------------------------------
okay so first of all, my initial use case was for the audit log to be reviewed and used to detect intrusion. At first I was thinking of logging the queries so it could be used to detect malicious insert/read.
I admit now that in hindsight, I didn't have a clear idea of how big the scale of the operations were. You're probably right and we shouldn't log every insert/read query.
I agree it is still useful to know any meta-changes but currently I have no clear picture of how the audit log will be used.
+1 on the user login idea and the byteman.
> Audit logging for database activity
> -----------------------------------
>
> Key: CASSANDRA-12151
> URL: https://issues.apache.org/jira/browse/CASSANDRA-12151
> Project: Cassandra
> Issue Type: New Feature
> Reporter: stefan setyadi
> Fix For: 3.x
>
> Attachments: 12151.txt
>
>
> we would like a way to enable cassandra to log database activity being done on our server.
> It should show username, remote address, timestamp, action type, keyspace, column family, and the query statement.
> it should also be able to log connection attempt and changes to the user/roles.
> I was thinking of making a new keyspace and insert an entry for every activity that occurs.
> Then It would be possible to query for specific activity or a query targeting a specific keyspace and column family.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)