Skip to content

Configure Solr Destination#

This topic covers how you can set up an AuditServer to receive audits from Privacera Plugins and Ranger Admin and send those audits to Solr and Fluentd. If you choose to keep the audits beyond a 90-day period, you can use AuditServer for that purpose. 

By default, the Ranger plugin sends the audits to Solr, where the audits expire after a 90-day period. If you want to configure the audit log expiry period, see MAX_AUDIT_RETENTION_DAYS property in the Solr properties.

CLI Configuration#

  1. SSH to an instance where Privacera is installed.

  2. Run the following commands.

    cd ~/privacera/privacera-manager
    cp config/sample-vars/vars.auditserver.yml config/custom-vars/
    vi config/custom-vars/vars.auditserver.yml
    
  3. Edit the following properties. For property details and description, refer to the Configuration Properties below.

    AUDITSERVER_AUTH_TYPE: "<PLEASE_CHANGE>"
    AUDITSERVER_AUTH_USER: "<PLEASE_CHANGE>"
    AUDITSERVER_AUTH_PASSWORD: "<PLEASE_CHANGE>"
    AUDITSERVER_SOLR_DESTINATION: "<PLEASE_CHANGE>"
    ADMIN_AUDITSERVER_SOLR_DESTINATION: "<PLEASE_CHANGE>"
    
  4. Run the following commands.

    cd ~/privacera/privacera-manager
    ./privacera-manager.sh update
    

Related Information

For further reading, see:

Configuration Properties#

The property names prefixed with ADMIN_ refer to Privacera Ranger Admin, whereas the others refer to Privacera Portal.

Property Description Example
AUDITSERVER_AUTH_TYPE

Set this property to enable basic authentication.

Value: None/Basic

basic

AUDITSERVER_AUTH_USER

AUDITSERVER_AUTH_PASSWORD

If the above authentication type is set to basic, assign a username and password. You can assign any user credentials.

Value: True/False

AUDITSERVER_AUTH_USER: "padmin"

AUDITSERVER_AUTH_PASSWORD: "padmin"

AUDITSERVER_SOLR_DESTINATION

ADMIN_AUDITSERVER_SOLR_DESTINATION

Set to true if the audit destination is Solr.