审计日志 - Teradata QueryGrid

Teradata® QueryGrid™ 安装和用户指南
Product
Teradata QueryGrid
Release Number
2.17
Published
2021 年 12 月
Language
中文 (简体)
Last Update
2021-12-28
dita:mapPath
zh-CN/ber1631654027108.ditamap
dita:ditavalPath
ft:empty
dita:id
B035-5991
Product Category
Analytical Ecosystem

审计日志包含集群范围的事件视图和对集群 QueryGrid 的更改。审计日志位于 /etc/opt/teradata/tdqgm/logs/tdqgm-audit.log,并在集群中的所有 QueryGrid 管理器上都有副本。该日志包含所有失败的登录尝试以及配置更改。如果日志的大小达到 100MB,它将循环并重命名为 tdqgm-audit.log.1 以用于存储。磁盘上最多可以保留 10 个循环的审计日志文件。

审计日志消息的格式如下所示:
DATE TIME ACTION RESOURCE_TYPE USER_DETAILS --- RESULT
  • DATE - 当前日期,格式为 YYYY-MM-DD
  • TIME - 审计记录的时间 (UTC)
  • ACTION - 用户执行的操作,为以下项之一:CREATED、UPDATED、DELETED 或 LOGIN
  • RESOURCE_TYPE - 创建、更新或删除的资源类型(例如 SYSTEM、CONNECTOR 或 FABRIC)
  • USER_DETAILS - 包含有关执行操作的用户的详细信息
    • user:QueryGrid 管理器用户的名称(例如 viewpoint、support)
    • address:Teradata QueryGrid 客户端的 IP
    • endUser:Viewpoint 用户的用户名(如果从 Viewpoint 访问)
    • endUserAddress:Viewpoint 用户 IP(如果从 Viewpoint 访问)
    • manager:处理请求的集群中的管理器主机名
  • RESULT - ACTION 的结果。如果 ACTION 为 CREATED 或 DELETED,结果将包含已创建或删除的资源。如果 ACTION 为 UPDATED,结果将包含资源的 BEFORE 和 AFTER 内容。

示例

以下是新创建的系统的审计日志示例:
2020-06-12 22:36:38.603  CREATED SYSTEM  {user=viewpoint;address=10.10.10.10;endUser=bob;endUserAddress=10.11.11.11;manager=tdqgm1.labs.teradata.com} --- {"id":"8f3213f6-5e40-4064-b648-cf581536fa7d","lastModified":"2020-06-12T15:36:38.596-0700","name":"ProdHadoop","description":null,"dataCenterId":"764b2c95-0868-497f-8c25-b866449ee3b9","softwareVersion":"02.11.00.03-4","maximumMemoryPerNode":1073741824,"bridgeOnly":false,"proxySupportType":"NO_PROXY","proxyPort":null,"proxyNetworkId":null,"proxySystemId":null,"autoNodeDelete":false,"autoNodeDeleteMinutes":null}
以下是更新的系统的审计日志示例:
2020-06-12 22:42:26.614  UPDATED SYSTEM  {user=viewpoint;address=10.10.10.10;endUser=bob;endUserAddress=10.11.11.11;manager=tdqgm2.labs.teradata.com} --- BEFORE: {"id":"8f3213f6-5e40-4064-b648-cf581536fa7d","lastModified":"2020-06-12T15:36:38.596-0700","name":"ProdHadoop","description":null,"dataCenterId":"764b2c95-0868-497f-8c25-b866449ee3b9","softwareVersion":"02.11.00.00-4","maximumMemoryPerNode":1073741824,"bridgeOnly":false,"proxySupportType":"NO_PROXY","proxyPort":null,"proxyNetworkId":null,"proxySystemId":null,"autoNodeDelete":false,"autoNodeDeleteMinutes":null}, AFTER: {"id":"8f3213f6-5e40-4064-b648-cf581536fa7d","lastModified":"2020-06-12T25:42:26.120-0700","name":"ProdHadoop","description":null,"dataCenterId":"764b2c95-0868-497f-8c25-b866449ee3b9","softwareVersion":"02.12.00.00-4","maximumMemoryPerNode":1073741824,"bridgeOnly":false,"proxySupportType":"NO_PROXY","proxyPort":null,"proxyNetworkId":null,"proxySystemId":null,"autoNodeDelete":false,"autoNodeDeleteMinutes":null}