Information
Audit logging in Cassandra logs every incoming CQL command request, Authentication (successful as well as unsuccessful login) to C* node. Currently, there are two implementations provided, the custom logger can be implemented and injected with the class name as a parameter in cassandra.yaml.
Rationale:
Unauthorized attempts to create, drop or alter users or data should be a concern.
Solution
Open Source Version
Apache Cassandra versions up to 3.11.4 does not have auditing capabilities, it will be in version 4.x but that has not been released yet according to apache Cassandra website. http://cassandra.apache.org/download/
Commercial Version
Open the dse.yaml file in a text editor
In the audit_logging_options section, set enabled to true.
# Audit logging options
audit_logging_options:
enabled: true
You must also define where you want logging to go, add either of the following lines:
Set the logger option to either CassandraAuditWriter, which logs to a table, or SLF4JAuditWriter, which logs to the SLF4J logger.
References:
https://docs.datastax.com/en/datastax_enterprise/4.8/datastax_enterprise/sec/secAudit.html#secAudit