Configure Audit Logging
On this page
Note
Audit logging features are only available in the SingleStore Premium edition.
Warning
As of the time of this publication, strict mode is available and licensed only as part of the SingleStore Premium edition.
To enable audit logging, set auditlog_
to a value other than OFF
.
You can configure audit logging using the following variables:
Setting Name |
Value |
---|---|
|
Specifies whether every audit log record is synchronously written and persisted to the disk. |
|
Specifies the audit logging level. |
|
Indicates the retention period (in days) for audit log files. |
|
Specifies the maximum size per log file in bytes. |
|
Specifies the maximum time duration to write to a single log file in seconds. |
|
Specifies the local or network directory to write log files. |
How to Enable and Configure Audit Logging
You may enable and configure audit logging using the following two methods.
Toolbox preserves the node's base directory (or “basedir”) during an upgrade.auditlogsdir
relative to the node’s base directory, and the value for auditlogsdir
to auditlogs
.~/memsql/nodes/<hash>
, however, the base directory can be anywhere on the filesystem.
When changing the value of auditlogsdir
, SingleStore suggests using either:
-
A relative path
-
An absolute path outside of the
memsql
directory (i.e. , outside of /var/lib/memsql
).For example,
/var/log/memsql
or/var/log/singlestore
are suitable provided that thememsql:memsql
permissions are also set on this directory.
Method 1: Use SingleStore Tools (Preferred Method)
-
Update the audit logging configuration variables using the sdb-admin update-config command.
Use the --all
flag to update the variable settings on all nodes.For example, execute the following commands: sdb-admin update-config --all --key "auditlog_level" --value "ADMIN-ONLY"sdb-admin update-config --all --key "auditlog_disk_sync" --value "OFF"sdb-admin update-config --all --key "auditlog_rotation_size" --value "134217728"sdb-admin update-config --all --key "auditlog_rotation_time" --value "3600"sdb-admin update-config --all --key "auditlogsdir" --value "<value>"For
sdb-admin update-config --all --key "auditlogsdir" --value "<value>"
:-
To set the
auditlogsdir
value toauditlogs
:sdb-admin update-config --all --key "auditlogsdir" --value "auditlogs" -
To set the
auditlogsdir
value within/var/lib/memsql
:sdb-admin update-config --all --key "auditlogsdir" --value "/var/lib/memsql/master-3306-1/auditlogs" -
To set the
auditlogsdir
value outside of/var/lib/memsql:
sdb-admin update-config --all --key "auditlogsdir" --value "/var/log/singlestore"
-
-
Restart the nodes.
sdb-admin restart-node --all -
Ensure that SingleStore starts successfully.
Once started, validate that your settings have been loaded successfully by executing the following SQL command in a SQL client. SHOW GLOBAL VARIABLES LIKE 'audit%';+---------------------------+-----------------------------------------+ | Variable_name | Value | +---------------------------+-----------------------------------------+ | auditlog_disk_sync | OFF | | auditlog_level | ADMIN-ONLY | | auditlog_retention_period | 0 | | auditlog_rotation_size | 134217728 | | auditlog_rotation_time | 3600 | | auditlogsdir | /var/lib/memsql/master-3306-1/auditlogs | +---------------------------+-----------------------------------------+
Once each node in your cluster has been updated with the new configuration changes, audit logging has been successfully configured and enabled.
Method 2: Modify the memsql. cnf
File
Note
Always ensure that each node in your cluster has been stopped before making audit logging configuration changes in the memsql.
file.
-
Open a new console window with access to the node you want to configure.
-
Stop any SingleStore processes on the node.
sdb-admin stop-node --all -
Audit logging variables are set in the
memsql.
file in each node’s SingleStore path.cnf By default, the path for a typical Master Aggregator node is: -
For RPM and Debian deployments:
/var/lib/memsql/<hash>
-
For tarball-based deployments:
~/memsql/nodes/<hash>
After a node has been stopped, navigate to the
memsql.
path for the node and open the file with a text editor.cnf Add the four required audit logging variables. For example, consider the following sample configuration:
max-pooled-connections = 100 max-connection-threads = 256 default-partitions-per-leaf = 8 max_subselect_aggregator_rowcount = 0 allow_user_functions auditlog_level = ADMIN-ONLY auditlog_disk_sync = OFF auditlog_rotation_size = 134217728 auditlog_rotation_time = 3600 auditlogsdir = <value>
For
auditlogsdir = <value>
:-
To set the
auditlogsdir
value toauditlogs
:auditlogsdir = auditlogs -
To set the
auditlogsdir
value within/var/lib/memsql
:auditlogsdir = /var/lib/memsql/master-3306-1/auditlogs -
To set the
auditlogsdir
value outside of/var/lib/memsql
:auditlogsdir = /var/log/singlestore
-
-
When your configuration is complete, save the
memsql.
file and exit the text editor.cnf Warning
Repeat the configuration update process for each node in your cluster before continuing.
-
Start the node.
sdb-admin start-node --all -
Ensure that SingleStore starts successfully.
Once started, validate that your settings have been loaded successfully by executing the following SQL command in a SQL client. SHOW GLOBAL VARIABLES LIKE 'audit%';+---------------------------+-----------------------------------------+ | Variable_name | Value | +---------------------------+-----------------------------------------+ | auditlog_disk_sync | OFF | | auditlog_level | ADMIN-ONLY | | auditlog_retention_period | 0 | | auditlog_rotation_size | 134217728 | | auditlog_rotation_time | 3600 | | auditlogsdir | /var/lib/memsql/master-3306-1/auditlogs | +---------------------------+-----------------------------------------+
Once each node in your cluster has been updated with the new configuration changes, audit logging has been successfully configured and enabled.
Last modified: May 29, 2024