Cloudera Enterprise 5.15.x | Other versions

Setting Up Navigator Audit Server

The steps below show you how to add the Navigator Audit Server role to an existing Cloudera Manager cluster.

The Navigator Audit Server role runs on the Cloudera Management Service. By default, the installation process installs both Navigator Audit Server and Navigator Metadata Server roles on the same Cloudera Management Service instance, but that may not be optimal, especially for very large clusters.

Continue reading:

Adding the Navigator Audit Server Role

Cloudera Manager Required Role: Navigator Administrator (or Full Administrator)

The steps below assume that an external database is running and available to be used with the Navigator Audit Server role. Before adding this role, gather the configuration details about the external database instance so you can enter them when needed during this process.

To add the Navigator Audit Server role to the cluster:
  1. Log in to the Cloudera Manager Admin Console.
  2. From the menu, select Clusters > Cloudera Management Service.
  3. Click theInstances tab.
  4. Click Add Role Instances. The Customize Role Assignments page displays and lists the nodes available to support additional roles, assuming the cluster has available resources. Reassign and customize role instances as needed.
  5. Select the Navigator Audit Server role and assign it to appropriate host for your cluster.
  6. When finished, click Continue. The Database Setup page displays.
  7. Click Use Custom Database.
  8. In the Navigator Audit Server section, enter the details of your database instance:
    • Database host name
    • Database type
    • Database name
    • Username
    • Password
      Note: For non-production use only, you can select Use Embedded Database. Cloudera Manager creates and configures the databases for you. Make a note of the generated passwords.
    Here is an example of a configured external database instance:

  9. Click Test Connection to verify the communication between the cluster and the external database. If the test fails, check the database settings and try again. If you selected embedded database, a message displays regarding database creation.
  10. Click Continue.
  11. The Cluster Setup Review Changes page displays.
  12. Click Finish.

Starting, Stopping, and Restarting the Navigator Audit Server

  1. Log in to the Cloudera Manager Admin Console.
  2. From the menu, select Clusters > Cloudera Management Service.
  3. Click the Instances tab.
  4. Click the link for the Navigator Audit Server from the Role Type list. The Actions for Selected button activates and displays (1) for the selected role.
  5. From the Actions for Selected (1) menu, select the Action you want to perform on this role instance:
    • Start
    • Stop
    • Restart
    • Enter Maintenance Mode
    • Exit Maintenance Mode
    • Delete
    A confirmation message displays prompting you to Cancel or complete the specified Action.
  6. Click Cancel to abandon the process, or click Action to execute the action.

Configuring the Navigator Audit Server Data Expiration Period

By default, the Navigator Audit Server keeps 90 days worth of audit events in its database. The setting be changed to a shorter timeframe, including a specific number of hours rather than days, by configure the number of hours or days of audit events to keep in the Navigator Audit Server database as follows:
  1. Log in to the Cloudera Manager Admin Console.
  2. From the menu, select Clusters > Cloudera Management Service.
  3. Click the Configuration tab.
  4. Select Navigator Audit Server from the Scope filter.
  5. For the Navigator Audit Server Data Expiration Period, enter the number of days or hours or audit events that should be retained in the database before purging and select either day(s) or hour(s) from the drop-down to label the value accordingly.
  6. Restart the Navigator Audit Server role.

Configuring the Navigator Audit Server Log Directory

The default location for the Navigator Audit Server logs is: 
/var/log/cloudera-scm-navigator
To change the location for the log directory:
  1. Log in to the Cloudera Manager Admin Console.
  2. From the menu, select Clusters > Cloudera Management Service.
  3. Click the Configuration tab.
  4. Select Category > Logs.
  5. Enter the path for the Navigator Audit Server Log Directory property.
  6. Restart the Navigator Audit Server role.
Page generated May 18, 2018.