Audit Log | QueryGrid - Audit Log - Teradata QueryGrid

QueryGrid™ Installation and User Guide - 3.06

Deployment
VantageCloud
VantageCore
Edition
Enterprise
IntelliFlex
Lake
VMware
Product
Teradata QueryGrid
Release Number
3.06
Published
December 2024
ft:locale
en-US
ft:lastEdition
2024-12-07
dita:mapPath
ndp1726122159943.ditamap
dita:ditavalPath
ft:empty
dita:id
lxg1591800469257
Product Category
Analytical Ecosystem

An audit log contains a cluster-wide view of events and changes to QueryGrid within a cluster. The audit log is found at /etc/opt/teradata/tdqgm/logs/tdqgm-audit.log and is replicated on all QueryGrid Managers in a cluster. The log contains all failed logon attempts and configuration changes. When the log reaches 100MB in size, the audit log is rotated and renamed tdqgm-audit.log.1 for storage. Up to 10 rotated audit log files are kept on disk.

The format for the audit log message is the following:
DATE TIME ACTION RESOURCE_TYPE USER_DETAILS --- RESULT
  • DATE – Current date in YYYY-MM-DD format
  • TIME – Time of audit record in UTC
  • ACTION – The action performed by the user, one of: CREATED, UPDATED, DELETED, or LOGIN
  • RESOURCE_TYPE – The type of resource created, updated, or deleted (for example. SYSTEM, CONNECTOR, or FABRIC)
  • USER_DETAILS – Contains details about the user that performed the action
    • user: The name of the QueryGrid Manager user (such as, viewpoint, support)
    • address: The IP of the QueryGrid client
    • endUser: The username of the Viewpoint user, if accessed from Viewpoint
    • endUserAddress: The Viewpoint user IP, if accessed from Viewpoint
    • manager: The hostname of the manager in the cluster that handled the request
  • RESULT – The result of ACTION. If ACTION is CREATED or DELETED, the result contains the created or deleted resource. If ACTION is UPDATED, the result contains the BEFORE and AFTER contents of the resource.

Examples

The following is an example audit log for a newly created system:
2020-06-12 22:36:38.603  CREATED SYSTEM  {user=viewpoint;address=10.10.10.10;endUser=bob;endUserAddress=10.11.11.11;manager=tdqgm1.labs.teradata.com} --- {"id":"8f3213f6-5e40-4064-b648-cf581536fa7d","lastModified":"2020-06-12T15:36:38.596-0700","name":"ProdHadoop","description":null,"dataCenterId":"764b2c95-0868-497f-8c25-b866449ee3b9","softwareVersion":"02.11.00.03-4","maximumMemoryPerNode":1073741824,"bridgeOnly":false,"proxySupportType":"NO_PROXY","proxyPort":null,"proxyNetworkId":null,"proxySystemId":null,"autoNodeDelete":false,"autoNodeDeleteMinutes":null}
The following is an example audit log for an updated system:
2020-06-12 22:42:26.614  UPDATED SYSTEM  {user=viewpoint;address=10.10.10.10;endUser=bob;endUserAddress=10.11.11.11;manager=tdqgm2.labs.teradata.com} --- BEFORE: {"id":"8f3213f6-5e40-4064-b648-cf581536fa7d","lastModified":"2020-06-12T15:36:38.596-0700","name":"ProdHadoop","description":null,"dataCenterId":"764b2c95-0868-497f-8c25-b866449ee3b9","softwareVersion":"02.11.00.00-4","maximumMemoryPerNode":1073741824,"bridgeOnly":false,"proxySupportType":"NO_PROXY","proxyPort":null,"proxyNetworkId":null,"proxySystemId":null,"autoNodeDelete":false,"autoNodeDeleteMinutes":null}, AFTER: {"id":"8f3213f6-5e40-4064-b648-cf581536fa7d","lastModified":"2020-06-12T25:42:26.120-0700","name":"ProdHadoop","description":null,"dataCenterId":"764b2c95-0868-497f-8c25-b866449ee3b9","softwareVersion":"02.12.00.00-4","maximumMemoryPerNode":1073741824,"bridgeOnly":false,"proxySupportType":"NO_PROXY","proxyPort":null,"proxyNetworkId":null,"proxySystemId":null,"autoNodeDelete":false,"autoNodeDeleteMinutes":null}