Chapter 3. Enable Ranger KMS Audit
Ranger KMS supports audit to DB, HDFS, and Solr. Solr is well-suited for short-term auditing and UI access (for example, one month of data accessible via quick queries in the Web UI). HDFS is typically used for archival auditing. They are not mutually exclusive; we recommend configuring audit to both Solr and HDFS.
First, make sure Ranger KMS logs are enabled:
- Go to the Ambari UI: - http://<gateway>:8080
- Select - ranger-kmsfrom the service.
- Click the Configs tab, and go to the accordion menu. 
- In the Advanced ranger-kms-audit list, set - xasecure.audit.is.enabledto true.
- Select "Audit to Solr" and/or "Audit to HDFS", depending on which database(s) you plan to use:  
- Save the configuration and restart the Ranger KMS service. 
Next, check to see if the Ranger KMS Plugin is enabled:
- Go to the Ranger UI: - http://<gateway>:6080
- Login with your keyadmin user ID and password (the defaults are - keyadmin,- keyadmin). The default repository will be added under KMS service.
- Run a test connection for the service. You should see a ‘connected successfully’ popup message. If the connection is not successful, make sure that the configured user exists (in KDC for a secure cluster). 
- Choose the Audit > Plugin tab. 
- Check whether plugins are communicating. The UI should display - Http Response code 200for the respective plugin.
The next two subsections describe how to save audit to Solr and HDFS.

