Cloudera Navigator Audit Server

The Navigator Audit Server performs the following functions:
  • Tracking and coalescing events
  • Storing events to the audit database

Adding the Navigator Audit Server Role

Minimum Required Role: Navigator Administrator (also provided by Full Administrator)

  1. Configure the database where audit events are stored.
  2. Do one of the following:
    • Select Clusters > Cloudera Management Service > Cloudera Management Service.
    • On the Home > Status tab, in Cloudera Management Service table, click the Cloudera Management Service link.
  3. Click the Instances tab.
  4. Click the Add Role Instances button. The Customize Role Assignments page displays.
  5. Assign the Navigator role to a host.
    1. Customize the assignment of role instances to hosts. The wizard evaluates the hardware configurations of the hosts to determine the best hosts for each role. The wizard assigns all worker roles to the same set of hosts to which the HDFS DataNode role is assigned. You can reassign role instances if necessary.

      Click a field below a role to display a dialog box containing a list of hosts. If you click a field containing multiple hosts, you can also select All Hosts to assign the role to all hosts, or Custom to display the pageable hosts dialog box.

      The following shortcuts for specifying hostname patterns are supported:
      • Range of hostnames (without the domain portion)
        Range Definition Matching Hosts
        10.1.1.[1-4] 10.1.1.1, 10.1.1.2, 10.1.1.3, 10.1.1.4
        host[1-3].company.com host1.company.com, host2.company.com, host3.company.com
        host[07-10].company.com host07.company.com, host08.company.com, host09.company.com, host10.company.com
      • IP addresses
      • Rack name

      Click the View By Host button for an overview of the role assignment by hostname ranges.

  6. When you are satisfied with the assignments, click Continue.
  7. Configure database settings:
    1. Choose the database type:
      • Keep the default setting of Use Embedded Database to have Cloudera Manager create and configure required databases. Record the auto-generated passwords.

      • Select Use Custom Databases to specify external databases.
        1. Enter the database host, database type, database name, username, and password for the database that you created when you set up the database.
    2. Click Test Connection to confirm that Cloudera Manager can communicate with the database using the information you have supplied. If the test succeeds in all cases, click Continue; otherwise, check and correct the information you have provided for the database and then try the test again. (For some servers, if you are using the embedded database, you will see a message saying the database will be created at a later step in the installation process.) The Review Changes screen displays.
  8. Click Finish.

Starting, Stopping, and Restarting the Navigator Audit Server

  1. Do one of the following:
    • Select Clusters > Cloudera Management Service > Cloudera Management Service.
    • On the Home > Status tab, in Cloudera Management Service table, click the Cloudera Management Service link.
  2. Click the Instances tab.
  3. Do one of the following depending on your role:
    • Minimum Required Role: Full Administrator

      1. Select the checkbox next to Navigator Audit Server.
      2. Select Actions for Selected > Action. Click Action to confirm the action, where Action is Start, Stop, or Restart.
    • Minimum Required Role: Navigator Administrator (also provided by Full Administrator)

      1. Click the Navigator Audit Server role link.
      2. Select Actions > Action this Navigator Audit Server. Click Action this Navigator Audit Server, where Action is Start, Stop, or Restart, to confirm the action.

Configuring the Navigator Audit Server Data Expiration Period

Minimum Required Role: Navigator Administrator (also provided by Full Administrator)

You can configure the number of hours of audit events to keep in the Navigator Audit Server database as follows:
  1. Do one of the following:
    • Select Clusters > Cloudera Management Service > Cloudera Management Service.
    • On the Home > Status tab, in Cloudera Management Service table, click the Cloudera Management Service link.
  2. Click the Configuration tab.
  3. Select Category > All.
  4. Set the Navigator Audit Server Data Expiration Period property.

    If more than one role group applies to this configuration, edit the value for the appropriate role group. See Modifying Configuration Properties Using Cloudera Manager.

  5. Restart the role.

Configuring the Navigator Audit Server Log Directory

Minimum Required Role: Navigator Administrator (also provided by Full Administrator)

You can configure the location of the Navigator Audit Server logs (by default, /var/log/cloudera-scm-navigator) as follows:
  1. Do one of the following:
    • Select Clusters > Cloudera Management Service > Cloudera Management Service.
    • On the Home > Status tab, in Cloudera Management Service table, click the Cloudera Management Service link.
  2. Click the Configuration tab.
  3. Select Category > Logs.
  4. Set the Navigator Audit Server Log Directory property.

    If more than one role group applies to this configuration, edit the value for the appropriate role group. See Modifying Configuration Properties Using Cloudera Manager.

  5. Restart the role.