Audit Log Properties
Describes auditing log properties and how to configure the log properties.
The following properties apply to the audit log file:
- Audit Log Directory - The directory in which audit event log files are written. By default, this property is not set if Cloudera Navigator is not installed. Note
:If the value of this property is changed, and service is restarted, then the Cloudera Manager Agent will start monitoring the new log directory for audit events. In this case it is possible that not all events are published from the old audit log directory. To avoid loss of audit events, when this property is changed, perform the following steps:
- Stop the service.
- Copy audit log files and (for Impala only) the impalad_audit_wal file from the old audit log directory to the new audit log directory. This need to be done on all the nodes where Impala daemons are running.
- Start the service.
- Maximum Audit Log File Size - The maximum size (in queries) of the audit event log file before a new file is created.
- Number of Audit Logs to Retain - Maximum number of rolled over audit logs to retain. The logs will not be deleted if they contain audit events that have not yet been propagated to Audit Server.
Configuring Audit Logs
- Click a supported service.
- Click the Configuration tab.
- Configure the log properties in the following categories:
- Impala -
- HBase, HDFS, and Hive -
- Edit the audit log properties.
- Click Save Changes.
- Restart the service.