This is documentation for MapR Version 5.0. You can also refer to MapR documentation for the latest release.

Skip to end of metadata
Go to start of metadata

These types of audit log record operations that are managed by the mfs service and MapR-DB. These operations take place within volumes and have effects at the level of the MapR filesystem.

These audit logs are stored in a system volume created specifically to store them. This volume is created automatically during cluster installations and upgrades. Operations are logged on the nodes on which the operations are executed, which could differ from the nodes where operations are initiated. Logs are stored in the MapR file system at /var/mapr/local/<node_name>/audit/.

Audit logs for operations on directories and files

Operations on directories and files, as well as the deletion of MapR-DB tables, are logged in files that have this naming convention: FSAudit.log.json-dd-mm-yyyy-<001-999>

To see what information is recorded in typical log entries, see Example Log Entries for Audited Filesystem Operations.

Audit logs for operations on MapR-DB tables

All operations on MapR-DB tables are logged in files that have this naming convention: DBAudit.log.json-dd-mm-yyy-<001-999>

Operations that result from maprcli commands, REST calls, or activity in the MapR Control Service are also logged in /opt/mapr/mapr-cli-audit-log/audit.log.json in the local filesystem on the nodes where the operations are processed.

To see what information is recorded in typical log entries, see Example Log Entries for Audited Operations on MapR-DB Tables.

Icon
Due to the way that the creation of tables is processed internally, sometimes the creation of tables is logged in FSAudit.log.json, rather than in DBAudit.log.json.
  • No labels