Stefan Podkowinski commented on CASSANDRA-12151:

To further summarize, let me quote [~jolynch]'s list of collected use cases 
once more and add another use case highlighted with bold letters.
{quote} # Logging for security
 # Logging for business accounting compliance (e.g. SOX).
 # Logging for monetary transaction compliance (e.g. PCI).
 # *Logging for data protection compliance (GDPR)*.
 # Logging for replay later (e.g. for correctness testing)
 # Logging for debugging{quote}
Why is user auditing relevant to comply with GDPR regulations? [Art. 
30|https://gdpr-info.eu/art-30-gdpr/] mandates that organizations must maintain 
records of processing activities. As already mentioned, this doesn't have to 
take place in Cassandra directly and can often be done more effectively at 
application level. But if data is manipulated manually, or say you have some 
small adhoc tools that change data but won't produce valid logs, you need to be 
able to enable auditing logging for these cases, to be able to document how 
data was changed.
 It's also required by [art. 32|https://gdpr-info.eu/art-32-gdpr/] that any 
natural person must only process personal data as instructed, ie. you need to 
have an activity log to be able to prove that this is actually the case.

> Audit logging for database activity
> -----------------------------------
>                 Key: CASSANDRA-12151
>                 URL: https://issues.apache.org/jira/browse/CASSANDRA-12151
>             Project: Cassandra
>          Issue Type: New Feature
>            Reporter: stefan setyadi
>            Assignee: Vinay Chella
>            Priority: Major
>             Fix For: 4.x
>         Attachments: 12151.txt, 
> DesignProposal_AuditingFeature_ApacheCassandra_v1.docx
> we would like a way to enable cassandra to log database activity being done 
> on our server.
> It should show username, remote address, timestamp, action type, keyspace, 
> column family, and the query statement.
> it should also be able to log connection attempt and changes to the 
> user/roles.
> I was thinking of making a new keyspace and insert an entry for every 
> activity that occurs.
> Then It would be possible to query for specific activity or a query targeting 
> a specific keyspace and column family.

This message was sent by Atlassian JIRA

To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org
For additional commands, e-mail: commits-h...@cassandra.apache.org

Reply via email to