Cloud
Astra DB
Astra Streaming
Real-Time AI
Self Managed
DataStax Enterprise
Luna for Apache Cassandra®
Luna Streaming
Support
DataStax Expert Support
pricing
Astra DB Plans
Astra Streaming Details
Data Solutions
Astra Block
Success stories
Barracuda Networks
Uniphore
View All stories
Use Cases
Internet-of-Things (IoT)
E-Commerce
Customer 360
Financial Services
View All Use Cases
Digital Champions
Alpha Ori
Priceline
View All Champions
Build and scale cloud native apps
Discover the benefits of DBaaS and why your apps deserve an upgrade.
Learn How
developers
Docs
Community
Downloads
Workshops & Events
Sample Apps
Certifications
Learn about NoSQL Databases
Learn about NoSQL databases with Apache Cassandra and Astra DB.
register now
learn
Blog
Events
Community
eBooks
Open Source Data Podcast
White Papers
Inspired Execution Podcast
Webinars
VIEW ALL RESOURCES
2022 Recap: A Year for Customers, Community, and Real-Time Data
Highlights from 2022 and a glimpse into the year ahead.
read more

Audit Logging in Apache Cassandra® 4.0

Video: Enable, Configure and View Audit Logs

Audit Logging

Audit logging records information about changes made to a database. Enterprises use audit logs to track who made changes, what data changed and when changes were made. This data is crucial for:

Regulatory compliance (HIPAA, SOX, PCI, etc.)
Security compliance
Debugging

What Gets Logged?

Audit logging has access to the information shown here. The default behavior is to write all of the fields to the log.

user: User name (if available)
host: Host IP, where the command is being executed
source ip address: Source IP address where the request was initiated
source port: Source port number where the request was initiated
timestamp: unix timestamp
type: Type of the request (SELECT, INSERT, etc.)
category: Category of the request (DDL, DML, etc.)
keyspace: Keyspace (if applicable) to which the request is targeted
scope: Table/Aggregate name/function name/trigger name etc., as applicable
operation: CQL command being executed

Enable Audit Logging

Audit logging is disabled by default in Cassandra. There are two ways to configure audit logging: dynamically using nodetool or statically using cassandra.yaml. A configuration using nodetool overrides a configuration defined in cassandra.yaml and does not persist across server restarts.

Configurable Properties

enabled: This option enables/disables audit log
logger: Class name of the logger/custom logger
audit_logs_dir: Audit logs directory location, if not set, the default is cassandra.logdir.audit or cassandra.logdir + /audit/
included_keyspaces: Comma separated list of keyspaces to be included in audit log, default - includes all keyspaces
excluded_keyspaces: Comma separated list of keyspaces to be excluded from audit log, default - excludes no keyspace
included_categories: Comma separated list of Audit Log Categories to be included in audit log, default - includes all categories
excluded_categories: Comma separated list of Audit Log Categories to be excluded from audit log, default - excludes no category
included_users: Comma separated list of users to be included in audit log, default - includes all users
excluded_users: Comma separated list of users to be excluded from audit log, default - excludes no user

Security Best Practices

Use excludes to limit logs to the information actually required.

Use the operating system to control access to log files containing sensitive data.

Redact sensitive data before sharing log files.

Skill Building

Want to get some hands-on experience? Give our interactive lab a try! You can do it all from your browser, it only takes a few minutes and you don’t have to install anything.

More Resources

Items related to Audit Logging

Audit Logging in Apache Cassandra 4.0 | The Apache Cassandra Blog

Audit Logging Documentation

Cassandra 4.0 Doubles Down on Performance and Reliability!