Community Articles

VidyaSargur · ‎05-11-2020

Note: Cloudera does not support antivirus software of any kind.

This article contains general recommendations for excluding Ambari components and directories from antivirus scans and monitoring.

The three primary locations you will want to exclude from antivirus are:

Data directories: These can be very large, and therefore take a long time to scan; they can also be very write-heavy, and therefore suffer performance impacts or failures if the AV holds up writes.
Log directories: These are write-heavy.
Scratch directories: These are internal locations used by some services for writing temporary data, and can also cause performance impacts or failures if the AV holds up writes.

Note: Ambari has a special requirement in the form of a user-configurable database. I recommend you exclude this database. However, the details of this database are set on installation; the database may be colocated with ambari-server, or on a remote host. Consult with your database administrators for details on the path where the database information is stored; Ambari does not keep this information anywhere in its configuration. If you need details about which database Ambari is using, search for JDBC in the “amber.properties” file.

# grep 'jdbc' /etc/ambari-server/conf/ambari.properties

Consider excluding the following directories and all of their subdirectories:

Installation, Configuration, and Libraries

/usr/hdp
/usr/lib/ambari-agent
/usr/lib/ambari-server

/etc/hadoop
/etc/ambari-agent
/etc/ambari-server

/var/lib/ambari-agent
/var/lib/ambari-server

Runtime and Logging

/var/run/ambari-agent
/var/run/ambari-server

/var/log/ambari-agent
/var/log/ambari-server

Cloudera Community

Community Articles

Excluding Ambari from antivirus scans

Apache Ambari

Hortonworks Data Platform (HDP)

Security