Audit Log Storage¶
Audit logs can be configured to be stored in cloud storage such as S3 or ADLS Gen1.
Configuration Settings¶
The following configuration settings are used to configure audit log storage:
WATCHER_AUDIT_LOG_DST_DIRWATCHER_S3_REGIONWATCHER_S3_ENCRYPTWATCHER_AUDIT_UPLOAD_INTERVAL_SEC
Configuring Audit Log Storage on S3¶
To store audit logs on S3, you will need to have an S3 path where these logs will be stored. This should be done in the ODAS S3 Storage you created in the Prerequisites section.
An example configuration will have:
WATCHER_AUDIT_LOG_DST_DIR: s3://company/okera/audit
WATCHER_S3_REGION: us-east-1
WATCHER_S3_ENCRYPT: true
Configuring Audit Log Storage on ADLS Gen1¶
To store audit logs on ADLS Gen1, you will need to have an ADLS path where these logs will be stored. This should be done in the ODAS ADLS Storage you created in the Prerequisites section.
An example configuration will have:
WATCHER_AUDIT_LOG_DST_DIR: adl://<company>.azuredatalakestorage.net/odas/audit
Configuring Upload Intervals¶
By default, ODAS will upload audit logs every 5 minutes, but this can be modified by setting the WATCHER_AUDIT_UPLOAD_INTERVAL_SEC value to a different number of seconds.
For example, to configure ODAS to upload the audit logs every 15 seconds:
WATCHER_AUDIT_UPLOAD_INTERVAL_SEC: 15