How to Enable and Configure Audit Logging

You may enable and configure audit logging using the following two methods. With each method, you can set the variables that are described in the previous section. Note that you can only set these variables to take effect when a node starts, as opposed to taking effect while a node is running.

Toolbox preserves the node's base directory (or “basedir”) during an upgrade. By default, Toolbox sets the auditlogsdir relative to the node’s base directory, and the value for auditlogsdir to auditlogs. For the tarball-based deployments, a node’s default base directory is ~/memsql/nodes/<hash>, however, the base directory can be anywhere on the filesystem.

When changing the value of auditlogsdir, SingleStore suggests using either:

  • A relative path

  • An absolute path outside of the memsql directory (i.e., outside of /var/lib/memsql).

    For example, /var/log/memsql or /var/log/singlestore are suitable provided that the memsql:memsql permissions are also set on this directory.

Method 1: Use SingleStore Tools (Preferred Method)

  1. Update the audit logging configuration variables using the sdb-admin update-config command. Use the --all flag to update the variable settings on all nodes. For example, execute the following commands:

    sdb-admin update-config --all --key "auditlog_level" --value "ADMIN-ONLY"
    
    sdb-admin update-config --all --key "auditlog_disk_sync" --value "OFF"
    sdb-admin update-config --all --key "auditlog_rotation_size" --value "134217728"
    sdb-admin update-config --all --key "auditlog_rotation_time" --value "3600"
    sdb-admin update-config --all --key "auditlogsdir" --value "<value>"

    For sdb-admin update-config --all --key "auditlogsdir" --value "<value>":

    • To set the auditlogsdir value to auditlogs:

      sdb-admin update-config --all --key "auditlogsdir" --value "auditlogs"
    • To set the auditlogsdir value within /var/lib/memsql:

      sdb-admin update-config --all --key "auditlogsdir" --value "/var/lib/memsql/master-3306-1/auditlogs"
    • To set the auditlogsdir value outside of /var/lib/memsql:

      sdb-admin update-config --all --key "auditlogsdir" --value "/var/log/singlestore"
  2. Restart the nodes.

    sdb-admin restart-node --all
  3. Ensure that SingleStore DB starts successfully. Once started, validate that your settings have been loaded successfully by executing the following SQL command in a SQL client.

    SHOW GLOBAL VARIABLES LIKE 'audit%';
    ****
    +------------------------+-----------------------------------------+
    | Variable_name          | Value                                   |
    +------------------------+-----------------------------------------+
    | auditlog_level         | ADMIN-ONLY                              |
    | auditlog_disk_sync     | OFF                                     |
    | auditlog_rotation_size | 134217728                               |
    | auditlog_rotation_time | 3600                                    |
    | auditlogsdir           | /var/lib/memsql/master-3306-1/auditlogs |
    +------------------------+-----------------------------------------+
    

Once each node in your cluster has been updated with the new configuration changes, audit logging has been successfully configured and enabled.

Method 2: Modify the memsql.cnf File

Notice

Always ensure that each node in your cluster has been stopped before making audit logging configuration changes in the memsql.cnf file.

  1. Open a new console window with access to the node you want to configure.

  2. Stop any SingleStore DB processes on the node.

    sdb-admin stop-node --all
  3. Audit logging variables are set in the memsql.cnf file in each node’s SingleStore DB path. By default, the path for a typical Master Aggregator node is:

    • For RPM and Debian deployments: /var/lib/memsql/<hash>

    • For tarball-based deployments: ~/memsql/nodes/<hash>

    After a node has been stopped, navigate to the memsql.cnf path for the node and open the file with a text editor. Add the four required audit logging variables.

    For example, consider the following sample configuration:

    max-pooled-connections  = 100
    max-connection-threads = 256
    default-partitions-per-leaf = 8
    max_subselect_aggregator_rowcount = 0
    allow_user_functions
    
    auditlog_level = ADMIN-ONLY
    auditlog_disk_sync = OFF
    auditlog_rotation_size = 134217728
    auditlog_rotation_time = 3600
    auditlogsdir = <value>
    

    For auditlogsdir = <value>:

    • To set the auditlogsdir value to auditlogs:

      auditlogsdir = auditlogs
    • To set the auditlogsdir value within /var/lib/memsql:

      auditlogsdir = /var/lib/memsql/master-3306-1/auditlogs
    • To set the auditlogsdir value outside of /var/lib/memsql:

      auditlogsdir = /var/log/singlestore
  4. When your configuration is complete, save the memsql.cnf file and exit the text editor.

    Warning

    Repeat the configuration update process for each node in your cluster before continuing.

  5. Start the node.

    sdb-admin start-node --all
  6. Ensure that SingleStore DB starts successfully. Once started, validate that your settings have been loaded successfully by executing the following SQL command in a SQL client.

    SHOW GLOBAL VARIABLES LIKE 'audit%';
    ****
    +------------------------+-----------------------------------------+
    | Variable_name          | Value                                   |
    +------------------------+-----------------------------------------+
    | auditlog_level         | ADMIN-ONLY                              |
    | auditlog_disk_sync     | OFF                                     |
    | auditlog_rotation_size | 134217728                               |
    | auditlog_rotation_time | 3600                                    |
    | auditlogsdir           | /var/lib/memsql/master-3306-1/auditlogs |
    +------------------------+-----------------------------------------+
    

Once each node in your cluster has been updated with the new configuration changes, audit logging has been successfully configured and enabled.