MapR 5.1 is at End of Life (EOL) and no longer supported. Please see the latest documentation. This documentation is not being updated.

Home
5.1 Administration
This section contains administration information such as managing your cluster, data, users, jobs and security information such as configuring your security environment and auditing.
Security Guide
Auditing of Cluster Administration and Operations on Directories, Files, Tables, and Streams
Describes how to process and use audit records to improve data analysis.
Auditing of Activity Related to Cluster Administration
Example Log Entries for Audited maprcli Command Executions, REST API Calls, and Actions in MCS

MapR 5.1 Documentation

5.1 Administration
This section contains administration information such as managing your cluster, data, users, jobs and security information such as configuring your security environment and auditing.
- Administrator Guide
- Security Guide
  - Security Overview
    Describes the security features of the MapR Converged Data Platform.
  - Security Architecture
    Describes the default security architecture and additional authentication and encryption capabilities.
  - Logging into a Secure Cluster
    Describes how to use tickets to access a secure MapR cluster.
  - Tickets and Certificates
    Describes how tickets and certificates authenticate users and servers to a cluster.
  - Getting Started with MapR Security
    Describes the two core scenarios that allow quick implementation of security features.
  - Configuring MapR Security
    Describes how to enable security features and configure the components on a secure cluster.
  - Auditing of Cluster Administration and Operations on Directories, Files, Tables, and Streams
    Describes how to process and use audit records to improve data analysis.
    - Prerequisites for Auditing
      Provides instructions for using MapR auditing features.
    - Enabling Auditing
    - Auditing of Activity Related to Cluster Administration
      - Common Features of Audit Logs for Cluster Administration
      - Example Log Entries for Audited maprcli Command Executions, REST API Calls, and Actions in MCS
    - Auditing of Operations on the Filesystem, Tables, and Streams
      Provides instructions for using MapR auditing features.

Example Log Entries for Audited maprcli Command Executions, REST API Calls, and Actions in MCS

The execution of any maprcli command, REST API call, or action in MCS on the cluster is logged in the local filesystem on the node on which the execution happened. The log file is /opt/mapr/mapr-cli-audit-log/audit.log.json. Auditing of these three types of operation is always enabled, whether or not auditing is enabled for cluster-level operations with the maprcli audit cluster command.

Typical log entries provide a timestamp of the execution, the UID of the user who ran the command, the IP address from which the user ran the command, the command itself, and the status of the execution. Status codes are 0 for success and 1 for failure. The error messages field provides the reasons for failures.

Below are some typical log entries:

{"timestamp":{"$date":"2015-06-15T11:45:56.434Z"},"uid":2147483632,"ipAddress":
"10.10.20.12","command":"volume info","arguments":{"name":"mapr.opt"},"status":
1,"errors": ["Volume lookup of mapr.opt failed, No such volume"]}
{"timestamp":{"$date":"2015-06-15T11:49:34.434Z"},"uid":2147483632,"ipAddress":
"10.10.20.12","command":"alarm add","arguments":{"baseService":"1","alarm": 
"NODE_ALARM_SERVICE_GATEWAY_DOWN","service":"gateway","displayName":"GatewayServiceDown",
"serviceName":"GatewayService","terse":"nagwsd"},"status":1,"errors":["Terse name of 
nagwsd already exists in the system.","Alarm NODE_ALARM_SERVICE_GATEWAY_DOWN already 
exists in the system."]}
{"timestamp":{"$date":"2015-06-15T11:49:52.598Z"},"uid":2147483632,"ipAddress":
"10.10.20.12","command":"volume create","arguments":{"name":"mapr.hbase","path":"/hbase", 
"replicationtype":"low_latency"},"status":1,"errors":["Volume Name mapr.hbase, Already In Use"]}