Auditing enables us to know who did/looked at/changed what and when by logging activities a user performs on the ScyllaDB cluster.
Transcript
Auditing, auditing again only available on ScyllaDB. Enterprise, very simple mechanism just
audit action that the user are taking on the database, that’s not really a security
thing in such that it doesn’t prevent anything but it will allow you to maybe
identify misuse of a user of the data, after you can define the
auditing result of the log to be written either to the local log or to a table
whatever you use the best practice is to pull this information frequently from
the node either to a local action facility or just pull through CQL, the data
from the table because if a malicious intruder go into the machine he might
be able to change the log as well, the granularity of the auditing, you don’t
want or maybe you want, you can’t audit everything so if you enable auditing for
all the queries and all the inserts and such you will need the bigger database
than what you already have just for auditing, so usually we’ll just enable
auditing for security-related operation like grant permission, create a user and
such or maybe schema changes which are not as often and mostly it’s not
recommended to activate auditing on everything but you have some
granularity on keyspace level and operation level, on what exactly want to audit
