Audit and Logging

Audit

Cloud Trace Service (CTS) records MRS operation logs on the management console, such as creating or deleting MRS clusters. CTS is a log audit service intended for cloud security. It records operations on the cloud resources in your account. You can use the logs generated by CTS to perform security analysis, track resource changes, audit compliance, and locate faults.

After you enable CTS and configure a tracker, CTS can record management and data traces of MRS for auditing.

Figure 1 MRS event recording on CTS

FusionInsight Manager provides the audit function to record user operations on Manager of clusters. On the Audit page, administrators can view users' historical operation records on Manager. The records can be used to locate faults and determine responsibilities in security events. For details about the Audit page, see Audit Overview. The audit logs of FusionInsight Manager are stored in the database by default. If the audit logs are retained for a long time, the disk space of the data directory may become insufficient. To store audit logs to another archive server, administrators can set the required dump parameters to automatically dump these logs. This facilitates the management of audit logs. For details about how to dump audit logs, see Configuring Audit Log Dumping.

Logging

Logs of all components in an MRS cluster (for example, all HDFS logs) can be collected by connecting hosts to Log Tank Service (LTS). LTS collects log data from hosts and cloud services. By analyzing and processing massive amounts of logs efficiently, securely, and in real time, LTS provides useful insights for you to optimize the availability and performance of cloud services and applications. It also helps you efficiently perform real-time decision-making, device O&M management, and service trend analysis. For details about the interconnection, see How Do I Interconnect MRS with LTS.

FusionInsight Manager also supports online search of component logs for fault locating and other scenarios. For details, see Log Online Search. In addition, FusionInsight Manager allows you to export logs generated by all instances of each service role in batches, without the need to manually log in to every node. For details, see Log Download.