Stefan Podkowinski commented on CASSANDRA-12151:

I'd not use the logback logger for query logging in production. As shown 
recently in CASSANDRA-14318, the performance impact is significant and your 
benchmark results show that as well. Rotating out log files by simply deleting 
them is probably also not what you'd expect from a auditing solution. But maybe 
we can keep the logback logger for some simple auth related logging and make it 
also useful for users who would not enable auditing in first place. How about 
enabling the {{FileAuditLogger}} by default and let it create an {{auth.log}}, 
which would log all failed login attempts? Maybe add a comment on how to enable 
successful attempts as well.

Looks like this won't be possible with the current {{included_categories}} 
filtering, which is based on the DDL, DML, .. categories. I'd suggest to make 
the filter work for both the category and actual AuditLogEntryType (SELECT, 

Full query logging should be done using the BinLogger or a custom 
implementation. It would be nice to be able to use mutliple implementations in 
parallel, in case we want to enable FileAuditLogger by default.

NIT: check logger.isEnabled before toString in FileAuditLogger

> Audit logging for database activity
> -----------------------------------
>                 Key: CASSANDRA-12151
>                 URL: https://issues.apache.org/jira/browse/CASSANDRA-12151
>             Project: Cassandra
>          Issue Type: New Feature
>            Reporter: stefan setyadi
>            Assignee: Vinay Chella
>            Priority: Major
>             Fix For: 4.x
>         Attachments: 12151.txt, CASSANDRA_12151-benchmark.html, 
> DesignProposal_AuditingFeature_ApacheCassandra_v1.docx
> we would like a way to enable cassandra to log database activity being done 
> on our server.
> It should show username, remote address, timestamp, action type, keyspace, 
> column family, and the query statement.
> it should also be able to log connection attempt and changes to the 
> user/roles.
> I was thinking of making a new keyspace and insert an entry for every 
> activity that occurs.
> Then It would be possible to query for specific activity or a query targeting 
> a specific keyspace and column family.

This message was sent by Atlassian JIRA

To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org
For additional commands, e-mail: commits-h...@cassandra.apache.org

Reply via email to