Reply
New Contributor
Posts: 7
Registered: ‎02-17-2016

Re: Audit trail for HDFS data use

I have the same/related question: what is the default logging level for logging user-issued 'hdfs dfs' commands?  Does the system log all those commands by default?  Where would I look to see what the logging level actually is?  Thanks.

Posts: 941
Topics: 1
Kudos: 218
Solutions: 117
Registered: ‎04-22-2014

Re: Audit trail for HDFS data use

@davids30,

 

What, exactly, are you trying to track?  Are you trying to generate audit information for HDFS access?

New Contributor
Posts: 7
Registered: ‎02-17-2016

Re: Audit trail for HDFS data use

Trying to track how a user interacted with HDFS for compliance reasons. What files were accessed, what hdfs commands were issued, and when.

Thanks
Posts: 941
Topics: 1
Kudos: 218
Solutions: 117
Registered: ‎04-22-2014

Re: Audit trail for HDFS data use

@davids30,

 

If you are using CDH:

 

- (without Navigator Audit Server) by default, audits are stored in /var/log/hadoop-hdfs/hfds-audit.log

- (With Navigator Audit Server), audits are stored in /var/log/hadoop-hdfs/audits/

 

This page has a list of auditable events:

 

https://www.cloudera.com/documentation/enterprise/6/6.0/topics/cn_audit_event_reference.html#operati...

 

 

New Contributor
Posts: 7
Registered: ‎02-17-2016

Re: Audit trail for HDFS data use

thanks!
Announcements