Monitoring User Events

You can query the PostgresSQL database that is embedded within the Cloudera Data Science Workbench deployment to monitor or audit user events. This requires root access to the Cloudera Data Science Workbench Master host.

  1. SSH to the Cloudera Data Science Workbench Master host and log in as root.
    ssh root@<cdsw_master_host_domain_name>
  2. Get the name of the database pod:
    kubectl get pods -l role=db
    The command returns information similar to the following example:
    NAME                  READY   STATUS    RESTARTS   AGE
    db-86bbb69b54-d5q88   1/1     Running   0          4h46m
  3. Enter the following command to log into the database as the sense user:
    kubectl exec <database pod> -ti -- psql -U sense
    For example, the following command logs in to the database on pod db-86bbb69b54-d5q88:
    kubectl exec db-86bbb69b54-d5q88 -ti -- psql -U sense
    You are logged into the database as the sense user.
  4. Run queries against the user_events table.
    For example, run the following query to view the most recent user event:
    select * from user_events order by created_at DESC LIMIT 1
    The command returns information similar to the following:
    
    id          | 3658
    user_id     | 273
    ipaddr      | ::ffff:127.0.0.1
    user_agent  | node-superagent/2.3.0
    event_name  | model created
    description | {"model":"Simple Model 1559154287-ex5yn","modelId":"50","userType":"NORMAL","username":"LucyMilton"}
    created_at  | 2019-05-29 18:24:47.65449
  5. (Optional) Export the user events to a CSV file for further analysis:
    1. While still logged into the database shell, copy the user_events table to a CSV file:
      copy user_events to '/tmp/user_events.csv' DELIMITER ',' CSV HEADER;
    2. Exit the PostgeSQL shell. Type \q and press ENTER.
    3. Find the Docker container that the database runs in:
      docker ps | grep db-86bbb
      The command returns output similar to the following:
      8c56d04bbd58 c230b2f564da "docker-entrypoint..." 7 days ago Up 7 days k8s_db_db-86bbb69b54-fcfm6_default_8b2dd23d-88b9-11e9-bc34-0245eb679f96_0
      The first entry in bold is the container ID.
    4. Copy the user_events.csv file out of the container into a temporary directory on the Master host:
      docker cp <container_ID>:/tmp/user_events.csv /tmp/user_events.csv
      For example:
      docker cp 8c56d04bbd58:/tmp/user_events.csv /tmp/user_events.csv
    5. Use SCP to copy /tmp/user_events.csv from the Cloudera Data Science Workbench Master host to a destination of your choice.
      For example, run the following command on your local machine to copy user_events.csv to a local directory:
      scp root@<cdsw_master_host_domain_name>:/tmp/user_events.csv /path/to/local/directory/
For information about the different user events, see Tracked User Events.