Products

VMware Aria Suite

Issue/Introduction

This article provides instructions for accessing the Cassandra database in Aria Operations for Logs (formerly vRealize Log Insight)

Cause

In previous Aria Operations for Logs versions, the Cassandra Database was accessible without authentication.
For security purposes, mandatory authentication has been added starting in version 8.0.

Starting in version 8.3, SSL communication has been enabled between the Cassandra Server and Log Insight service, requiring the cqlshrc parameter be passed using cqlsh tool.

Resolution

In order to access the cqlsh (Cassandra shell) command line tool on versions 8.0 and later, the username and password must be specified.

Option 1: Use environmental variables to log into Cassandra.

Log into the vRealize Log Insight node as root via SSH or Console.
To log into the Cassandra database, run the following command:

CASSANDRAUSER="$(/usr/lib/loginsight/application/lib/apache-cassandra-*/bin/credentials-look-up| grep "user value=" | awk -F'"' '{print $2}')"; CASSANDRAPASSWORD="$(/usr/lib/loginsight/application/lib/apache-cassandra-*/bin/credentials-look-up| grep "password value=" | awk -F '"' '{print $2}')"; /usr/lib/loginsight/application/lib/apache-cassandra-*/bin/cqlsh -u $CASSANDRAUSER -p $CASSANDRAPASSWORD

Option 2: Manually obtain username and password to log into Cassandra.

Log into the Aria Operations for Logs node as root via SSH or Console.
Run the following command to get the Cassandra credentials and note the user and password values:

/usr/lib/loginsight/application/lib/apache-cassandra-*/bin/credentials-look-up

Note: You will see output similar to:
<cassandra-user value="lisuper" />
<cassandra-password value="l337nuFvPbsWXlYIx2MsVqo4RotfgAXx" />

To log into the Cassandra database, run the appropriate command:

Aria Operations for Logs 8.8 and later

cqlsh-no-pass
nodetool-no-pass status

vRealize Log Insight 8.6

/usr/lib/loginsight/application/lib/apache-cassandra-*/bin/cqlsh-no-pass

vRealize Log Insight 8.3 - 8.4

/usr/lib/loginsight/application/lib/apache-cassandra-*/bin/cqlsh -u user -p password --cqlshrc=/storage/core/loginsight/cidata/cassandra/config/cqlshrc

Note: Replace user and password with the values noted in step 2.

Example: /usr/lib/loginsight/application/lib/apache-cassandra-*/bin/cqlsh -u lisuper -p l337nuFvPbsWXlYIx2MsVqo4RotfgAXx --cqlshrc=/storage/core/loginsight/cidata/cassandra/config/cqlshrc

vRealize Log Insight 4.7-8.2

/usr/lib/loginsight/application/lib/apache-cassandra-*/bin/cqlsh -u user -p password

Note: Replace user and password with the values noted in step 2.

Example: /usr/lib/loginsight/application/lib/apache-cassandra-*/bin/cqlsh -u lisuper -p l337nuFvPbsWXlYIx2MsVqo4RotfgAXx

Alternatively, use the following command:
/usr/lib/loginsight/application/lib/apache-cassandra-*/bin/cqlsh-no-pass

Additional Information

To list the nodes in the cluster, along with their status from the Cassandra perspective, run the following command:

vRealize Log Insight 4.7-8.2

/usr/lib/loginsight/application/lib/apache-cassandra-*/bin/nodetool status

OR:

/usr/lib/loginsight/application/lib/apache-cassandra-*/bin/nodetool-no-pass status

vRealize Log Insight 8.3 and Later

/usr/lib/loginsight/application/lib/apache-cassandra-*/bin/nodetool -u user -pw password status

Note: Replace user and password with the values noted in step 2 of the resolution section.

Example: /usr/lib/loginsight/application/lib/apache-cassandra-*/bin/cqlsh -u lisuper -pw l337nuFvPbsWXlYIx2MsVqo4RotfgAXx status

Accessing the Cassandra Database in Aria Operations for Logs

Article ID: 315914

Updated On: