Log file to monitor user's logins to Data Repository

book

Article ID: 192422

calendar_today

Updated On:

Products

CA Infrastructure Management CA Performance Management - Usage and Administration DX NetOps

Issue/Introduction

For security or audit purposes some companies may need to monitor users' access to the Data Repository vertica database.
For this they may use a third-party tool to analyze any available logs tracking this user activity.

Environment

Release : 3.7

Component : IM Reporting / Admin / Configuration

Resolution

In Data Repository, normally only 'dradmin' and 'dauser' users should be logging into vertica database; unless customer is creating additional users for it.

The information showing the user that is connecting to the database can be found in the vertica.log on each DR node.

For example, this is what is logged in vertica.log when a user connects to the database:
....
2020-06-03 12:12:47.181 Init Session:7feadeffd700 <LOG> @v_drdata_node0003: 00000/2705: Connection received: host=10.84.138.10 port=54428 (connCnt 1)
2020-06-03 12:12:47.181 Init Session:7feadeffd700 <LOG> @v_drdata_node0003: 00000/4686: Authentication - sendAuthRequest: user=dauser database=drdata host=10.84.138.10 authType=3
...

So customers can analyze the vertica.log to find the information on users logging in to vertica database.

 

Another option could be using the Vertica 'Management Console' tool to monitor user sessions; however this tool is not installed by default during the Data Repository installation. This feature requires a dedicated machine to run. Usually this is installed at very large environments having specific issues to monitor.

The 'Management Console' tool provides the 'Monitoring User Sessions' chart explained in Vertica documentation:
https://www.vertica.com/docs/9.2.x/HTML/Content/Authoring/ManagementConsole/MonitoringVerticaUsingMC/MonitoringUserSessions.htm