Enable audit logging output
By default, Cloudbreak does not have audit logging enabled.
As a root-level administrator, you can do one or both of the following:
- Enable audit log file, which allows you to see aggregated logs for all users.
- Enable audit log sending to Kafka.
Enable audit log file
You can enable audit log file by performing the following steps.
Steps
- Navigate to the deployment directory and open the Profile file for editing. For example:cd /var/lib/cloudbreak-deployment/ vi Profile
- Append the following to the Profile: export CB_AUDIT_FILE_ENABLED=true
- Restart Cloudbreak.
- Cloudbreak will create the audit log file under
       <CLOUDBREAK_DEPLOYMENT_DIRECTORY>/logs/cloudbreak/cb-audit.log. Where <CLOUDBREAK_DEPLOYMENT_DIRECTORY> is the location where cbd is deployed (usually/var/lib/cloudbreak-deployment/).
Example output to log file:
{"errorConsumer":null,"id":"060bd4c0-a0ba-11e8-96af-a543d6cf1e8e","headers":{"origin":null},"replyTo":null,"key":"SAVE_STRUCTURED_EVENT_TO_FILE","data":{"type":"StructuredNotificationEvent","operation":{"eventType":"NOTIFICATION","resourceId":1,"resourceName":"hdpcluster1","resourceType":"stacks","timestamp":1534358146016,"account":"c59bd2ae-53e3-498f-a83f-fcafefb55ab3","userId":"c59bd2ae-53e3-498f-a83f-fcafefb55ab3","userName":"test@hortonworks.com","cloudbreakId":"53e939c8-1135-4973-907b-afe6bd3711c6","cloudbreakVersion":"2.8.0-dev.362","zonedDateTime":{"offset":{"totalSeconds":0,"id":"Z","rules":{"fixedOffset":true,"transitions":[],"transitionRules":[]}},"zone":{"totalSeconds":0,"id":"Z","rules":{"fixedOffset":true,"transitions":[],"transitionRules":[]}},"month":"AUGUST","dayOfYear":227,"dayOfWeek":"WEDNESDAY","year":2018,"monthValue":8,"dayOfMonth":15,"hour":18,"minute":35,"second":46,"nano":16000000,"chronology":{"calendarType":"iso8601","id":"ISO"}}},"notificationDetails":{"notificationType":"BILLING_STARTED","notification":"Billing started, Infrastructure successfully provisioned","cloud":"GCP","region":"us-east1","availabiltyZone":"us-east1-b","stackId":1,"stackName":"hdpcluster1","stackStatus":"CREATE_IN_PROGRESS","nodeCount":2,"instanceGroup":null,"clusterId":1,"clusterName":"hdpcluster1","clusterStatus":"REQUESTED","blueprintName":"hdp26-data-science-spark2","blueprintId":7},"duration":0,"status":"SENT"}}Enable audit log sending to Kafka
You can enable audit log sending to Kafka by performing the following steps.
Steps
- Navigate to the deployment directory and open the Profile file for editing. For example:cd /var/lib/cloudbreak-deployment/ vi Profile
- Append the following to the Profile:export CB_KAFKA_BOOTSTRAP_SERVERS=<server1>:<port1>,<server2>:<port2>Where each<server>:<port>is a Kafka server and port. For example:export CB_KAFKA_BOOTSTRAP_SERVERS=kafka-broker1.mycompany.com:9092,kafka-broker2.mycompany.com:9092
- Restart Cloudbreak.
Example JSON output to Kafka:
{
    "type": "StructuredRestCallEvent",
    "operation": {
        "eventType": "REST",
        "resourceId": null,
        "resourceName": null,
        "resourceType": "util",
        "timestamp": 1533721820279,
        "account": "a10141ba-a8dc-4d2d-af46-3d77c53867d0",
        "userId": "a10141ba-a8dc-4d2d-af46-3d77c53867d0",
        "userName": "test@hortonworks.com",
        "cloudbreakId": "c71f28e3-567e-4379-8a0e-669e31561bbf",
        "cloudbreakVersion": "2.8.0-dev.321",
        "zonedDateTime": {
            "offset": {
                "totalSeconds": 0,
                "id": "Z",
                "rules": {
                    "transitions": [],
                    "transitionRules": [],
                    "fixedOffset": true
                }
            },
            "zone": {
                "totalSeconds": 0,
