監査ログには、クラスタ内のイベントおよびQueryGridに対する変更のクラスタ全体のビューが含まれます。監査ログは/etc/opt/teradata/tdqgm/logs/tdqgm-audit.logで見つけることができ、クラスタ内のすべてのQueryGridマネージャにレプリケートされます。ログには、失敗したログイン試行と構成変更がすべて含まれます。ログのサイズが 100 MB に達すると、ストレージ用にローテーションされ、tdqgm-audit.log.1名前が変更されます。最大 10 個のローテーションされた監査ログ ファイルがディスクに保存されます。
監査ログ メッセージの形式は次のとおりです。
DATE TIME ACTION RESOURCE_TYPE USER_DETAILS --- RESULT
- DATE - Current date in YYYY-MM-DD format
- TIME - Time of audit record in UTC
- ACTION - The action performed by the user, one of: CREATED, UPDATED, DELETED, or LOGIN
- RESOURCE_TYPE - The type of resource created, updated, or deleted (e.g. SYSTEM, CONNECTOR, FABRIC, etc.)
- USER_DETAILS - Contains details about the user that performed the action
- user: The name of the QueryGrid Manager user (i.e. viewpoint, support)
- address: The IP of the QueryGrid Manager clientg
- endUser: The username of the Viewpoint user, if accessed from Viewpoint
- endUserAddress: The Viewpoint user IP, if accessed from Viewpoint
- manager: The hostname of the manager in the cluster that handled the request
- RESULT - The result of the action. If action is CREATED or DELETED, it will contain the resource that was created or deleted. If action is UPDATED, it will contain the BEFORE and AFTER contents of the resource.
例
以下は、新しく作成されたシステムの監査ログの例です。
2020-06-12 22:36:38.603 CREATED SYSTEM {user=viewpoint;address=10.10.10.10;endUser=bob;endUserAddress=10.11.11.11;manager=tdqgm1.labs.teradata.com} --- {"id":"8f3213f6-5e40-4064-b648-cf581536fa7d","lastModified":"2020-06-12T15:36:38.596-0700","name":"ProdHadoop","description":null,"dataCenterId":"764b2c95-0868-497f-8c25-b866449ee3b9","softwareVersion":"02.11.00.03-4","maximumMemoryPerNode":1073741824,"bridgeOnly":false,"proxySupportType":"NO_PROXY","proxyPort":null,"proxyNetworkId":null,"proxySystemId":null,"autoNodeDelete":false,"autoNodeDeleteMinutes":null}
以下は、更新されたシステムの監査ログの例です。
2020-06-12 22:42:26.614 UPDATED SYSTEM {user=viewpoint;address=10.10.10.10;endUser=bob;endUserAddress=10.11.11.11;manager=tdqgm2.labs.teradata.com} --- BEFORE: {"id":"8f3213f6-5e40-4064-b648-cf581536fa7d","lastModified":"2020-06-12T15:36:38.596-0700","name":"ProdHadoop","description":null,"dataCenterId":"764b2c95-0868-497f-8c25-b866449ee3b9","softwareVersion":"02.11.00.00-4","maximumMemoryPerNode":1073741824,"bridgeOnly":false,"proxySupportType":"NO_PROXY","proxyPort":null,"proxyNetworkId":null,"proxySystemId":null,"autoNodeDelete":false,"autoNodeDeleteMinutes":null}, AFTER: {"id":"8f3213f6-5e40-4064-b648-cf581536fa7d","lastModified":"2020-06-12T25:42:26.120-0700","name":"ProdHadoop","description":null,"dataCenterId":"764b2c95-0868-497f-8c25-b866449ee3b9","softwareVersion":"02.12.00.00-4","maximumMemoryPerNode":1073741824,"bridgeOnly":false,"proxySupportType":"NO_PROXY","proxyPort":null,"proxyNetworkId":null,"proxySystemId":null,"autoNodeDelete":false,"autoNodeDeleteMinutes":null}