Lifecycle and Security Auditing

An audit event is an event that describes an action that has been taken for a cluster, host, license, parcel, role, service or user.

Minimum Required Role: Auditor (also provided by Full Administrator)

Cloudera Manager records cluster, host, license, parcel, role, and service lifecycle events (activate, create, delete, deploy, download, install, start, stop, update, upgrade, and so on), user security-related events (add and delete user, login failed and succeeded), and provides an audit UI and API to view, filter, and export such events. The Cloudera Manager audit log does not track the progress or results of commands (such as starting or stopping a service or creating a directory for a service), it just notes the command that was executed and the user who executed it. To view the progress or results of a command, follow the procedures in the topic Viewing and Running Recent Commands.

In CDP, Ranger performs auditing against the data access policies defined for each service. Ranger provides an audit UI and API to view, filter, and export service access audit logs. For information about auditing features, see the Ranger Auditing documentation.