Home
6.0 Administration
This section describes how to manage the nodes and services that make up a cluster.
Administrator's Reference
This section contains in-depth reference information for the administrator.
MapR Environment
This section provides information associated with the MapR environment.
Log Files
Viewing Audit Logs
Viewing Audit Logs for Filesystem, Table, and Stream Operations
Describes where MapR-FS, MapR-DB, and MapR-ES audit logs are stored and how to view them.

MapR 6.0 Documentation

6.0 Administration
This section describes how to manage the nodes and services that make up a cluster.
- Administering Users and Clusters
- Administering Nodes
- Administering Volumes
  This section provide information about how to organize and manage data using volumes, a unique feature of MapR clusters.
- Administering Files and Directories
- Administering Tables
  Administration of the MapR-DB is done primarily via the command line (maprcli) or with the MapR Control System (MCS). Regardless of whether the MapR-DB table is used for binary files or JSON documents, the same types of commands are used with slightly different parameter options. MapR-DB administration is associated with tables, columns and column families, and table regions.
- Administering Streams
- Administering MapR Gateways
  A MapR gateway mediates one-way communication between a source MapR cluster and a destination cluster. You can replicate MapR-DB tables (binary and JSON) and MapR-ES streams. MapR gateways also apply updates from JSON tables to their secondary indexes and propagate Change Data Capture (CDC) logs.
- Administering Services
- Monitoring the Cluster
  This section describes how to monitor the health and performance of a MapR cluster.
- Configuring Security
  Describes how to configure MapR security and manage secure clusters.
- Managing Secure Clusters
  Provides procedures that will enable you to use MapR clusters securely.
- Administering the MapR Data Access Gateway
  The MapR Data Access Gateway is a service that acts as a proxy and gateway for translating requests between lightweight client applications and the MapR cluster. This section describes considerations when upgrading the service, how to modify configuration settings, and how to administer and manage the service.
- Planning for High Availability
- Administrator's Reference
  This section contains in-depth reference information for the administrator.
  - maprcli and REST API Syntax
    This section provides information about the MapR command API. Most commands can be run on the command-line interface (CLI), or by making REST requests programmatically or in a browser.
  - Utilities
    This section contains information about various scripts and utilities.
  - Configuration Files
    This section contains reference information about various configuration files.
  - Alarms Reference
    The pages in this section provide details about all of the types of alarms.
  - MapR Environment
    This section provides information associated with the MapR environment.
    - MapR Parameters
    - Default MapR Configurations
    - Environment Variables
      Describes the environment variables specific to MapR.
    - Ports Used by MapR
    - Log Files
      - Increasing Log Retention
      - Setting the Tracing Level
      - Configuring Profiling for Operations
      - Archiving CLDB Logs
      - Enabling Runtime Logging
      - Viewing Audit Logs
        Viewing Log Entries for Audited maprcli Command Executions
        Describes where audit recrods of operations performed using the CLI are stored and how to view them.
        Viewing Audit Logs for Cluster Administration
        Describes where audit records of cluster administration operations are stored and how to view them.
        Viewing Audit Logs for Filesystem, Table, and Stream Operations
        Describes where MapR-FS, MapR-DB, and MapR-ES audit logs are stored and how to view them.
        Common Features of Audit Logs for Filesystem, Table, and Stream Operations
        Example Log Entries for Audited Filesystem Operations
        Example Log Entries for Audited Operations on MapR-DB Binary and JSON Tables
        Managing Audit Logs for Filesystem and Table Operations
        Status Codes That Can Appear in Audit Logs
      - Viewing Application Logs
      - Viewing the Service Log
    - Cluster Maintenance Schedule
    - Language Support for MapR-DB Tables
      This section lists the human languages that MapR-DB tables can store, retrieve, and process.
- Troubleshooting Cluster Administration
- Best Practices for Backing Up MapR Information

Viewing Audit Logs for Filesystem, Table, and Stream Operations

Describes where MapR-FS, MapR-DB, and MapR-ES audit logs are stored and how to view them.

Operations on MapR file, database, and event data are captured and recorded in the audit logs. The operations take place within volumes and have effects at the level of the MapR file system.

These audit logs are stored in a system volume created specifically to store them. This volume is created automatically during cluster installations and upgrades. Operations are logged on the nodes on which the operations are executed, which could differ from the nodes where operations are initiated. Logs are stored in the MapR file system at /var/mapr/local/<node_name>/audit/. By default, only root and the mapr superuser can read the log files. To allow other users to read the logs, set ACEs on the directory granting readfile (rf), readdir (rd), and lookupdir (ld) permissions to the users. For example:

~# hadoop mfs -setace -R -aces "rf:u:root|u:mapr|u:m7user1,rd:u:root|u:mapr|u:m7user1,ld:u:root|u:mapr|u:m7user1" /var/mapr/local/sample.qa.lab/audit/

NOTE: For more information, see Using ACEs for MapR-FS.

Audit logs for operations on directories and files

Operations on directories and files, as well as the deletion of MapR-DB tables, are logged in files that have this naming convention: FSAudit.log.json-dd-mm-yyyy-<001-999>

To see what information is recorded in typical log entries, see Example Log Entries for Audited Filesystem Operations.

Audit logs for operations on MapR-DB tables and MapR streams

All operations on MapR-DB tables and MapR streams are logged in files that have this naming convention: DBAudit.log.json-dd-mm-yyy-<001-999>

Operations that result from maprcli commands, REST calls, or activity in the MapR Control Service are also logged in /opt/mapr/mapr-cli-audit-log/audit.log.json in the local filesystem on the nodes where the operations are processed.

To see what information is recorded in typical log entries, see Example Log Entries for Audited Operations on MapR-DB Tables.

NOTE: Due to the way that the creation of tables is processed internally, sometimes the creation of tables is logged in FSAudit.log.json, rather than in DBAudit.log.json.