Sign inTry Free

Audit Logging

On this page

Note

This feature is not available in all editions of SingleStore. For more information, see SingleStore Editions.

SingleStore logs all database activities and writes the generated logs to an external location. SingleStore provides multiple logging levels, and each level provides limited or exhaustive information about user actions and database responses. This feature is useful for performing common information security tasks such as auditing, investigating suspicious activity, and validating access control policies.

Prerequisites

  • SingleStore version 7.3 or later

  • Required permissions for destination directory: Ensure that the destination directory has the required permissions to write log files. If SingleStore cannot write to a destination directory, then the database will become unresponsive.

  • Available disk space on log file directory: Ensure that the destination directory has enough disk space to write log files. If the disk runs out of space, the database will become unresponsive.

Audit of Automatic Rollback Events

If a CA is terminated before COMMIT, the open transaction is cleaned up and any uncommitted changes are rolled back.

The following options can be used to trace the implicit rollback however, there is no dedicated user-facing audit trail or event that explicitly records the automatic rollback:

  • MV_PROCESSLIST view shows active sessions with fields like TRANSACTION_STATE and ROW_LOCKS_HELD but only while the session is still alive, it does not capture events retrospectively.

  • Query History / MV_TRACE_EVENTS, which show query completions or failures but not the implicit rollback cleanup itself.

  • Audit logs, which capture executed SQL such as explicit ROLLBACK, but do not record a separate event for automatic rollback due to connection or process cleanup.

  • Node logs, which may show the CA failure or restart, but not an actual transaction-level rollback record.

In this section

Last modified:

Was this article helpful?

On this page

Was this article helpful?

Verification instructions

Note: You must install cosign to verify the authenticity of the SingleStore file.

Use the following steps to verify the authenticity of singlestoredb-server, singlestoredb-toolbox, singlestoredb-studio, and singlestore-client SingleStore files that have been downloaded.

You may perform the following steps on any computer that can run cosign, such as the main deployment host of the cluster.

  1. (Optional) Run the following command to view the associated signature files.

    curl undefined

  2. Download the signature file from the SingleStore release server.

    • Option 1: Click the Download Signature button next to the SingleStore file.

    • Option 2: Copy and paste the following URL into the address bar of your browser and save the signature file.

    • Option 3: Run the following command to download the signature file.

      curl -O undefined

  3. After the signature file has been downloaded, run the following command to verify the authenticity of the SingleStore file.

    echo -n undefined |
        cosign verify-blob --certificate-oidc-issuer https://oidc.eks.us-east-1.amazonaws.com/id/CCDCDBA1379A5596AB5B2E46DCA385BC \
          --certificate-identity https://kubernetes.io/namespaces/freya-production/serviceaccounts/job-worker \
          --bundle undefined \
          --new-bundle-format -
    Verified OK

Try Out This Notebook to See What’s Possible in SingleStore

Get access to other groundbreaking datasets and engage with our community for expert advice.

Sign UpLog In