1. Security Guide
  2. Audit Logging
  3. Security Log Messages

Security Log Messages

For ease of grepping and analysis, the auditing log message uses KVAuditInfo as a prefix. For example: 

# General audit logging:
<Timestamp>: KVAuditInfo[user: <user_name>, 
clienthost: <client_host>, operation: 
<operation_description>, status: <SUCCESS/FORBIDDEN>,
reason: <failure_reason>] 
# General audit logging:
# Particular logging for successful execution of plan:
<Timestamp>: KVAuditInfo[<plan_name>, owned by <plan_owner>, 
executed by <plan_executor> from <client_host>, 
state=<end state of plan execution>]

To distinguish security related messages from standard log messages, the following two security related logging levels are introduced:

  • SEC_WARNING

    Logs unauthenticated login, unauthorized read/write data access and unauthorized execution of CLI commands. Unauthenticated login does not log the reasons of failure.

  • SEC_INFO

    Logs the success of a user login and the successful execution of plans that require dbadmin or sysadmin role related privileges.