Follow these instructions to install ecAudit in each node of your Cassandra cluster. This will enable all the features provided by ecAudit. Visit the sertup guide for a detailed list of options.
Place the ecAudit jar file in your $CASSANDRA_HOME/lib/ directory.
Get the official releases from Maven Central.
The ecAudit plug-in is enabled by configuring a few different plug-in settings in Cassandra.
Change the following settings in your cassandra.yaml.
authenticator: com.ericsson.bss.cassandra.ecaudit.auth.AuditAuthenticator
authorizer: com.ericsson.bss.cassandra.ecaudit.auth.AuditAuthorizer
role_manager: com.ericsson.bss.cassandra.ecaudit.auth.AuditRoleManager
By default the AuditAuthenticator, AuditAuthorizer and AuditRoleManager delegates operations to the standard PasswordAuthenticator, CassandraAuthorizer and CassandraRoleManager respectively.
All configuration options and recommendations for the standard plug-ins applies for the Audit plug-ins as well.
For instance, remember to increase the replication factor of the system_auth keyspace.
Consult the Cassandra configuration documentation for details.
Add the following JVM option to your cassandra-env.sh or your cassandra.in.sh.
Note: If you configure these settings in your cassandra-env.sh,
consider that the JVM_EXTRA_OPTS variable is consumed at the end of the file,
so make sure to add the following lines before they are consumed.
JVM_EXTRA_OPTS="$JVM_EXTRA_OPTS -Dcassandra.custom_query_handler_class=com.ericsson.bss.cassandra.ecaudit.handler.AuditQueryHandler"
JVM_EXTRA_OPTS="$JVM_EXTRA_OPTS -da:net.openhft..."
The first line installs the ecAudit QueryHandler plug-in. The second line disable asserts for the Chronicle logger backend.