Audit Server¶
Audit Server is a service in self-managed Privacera that collects audit logs from Ranger plugins, connectors, DataServer, and related components, and forwards them to one or more destinations.
- Default destination: Audit Server indexes audits into Apache Solr.
- Amazon SQS: Audit Server sends audits directly to SQS when the SQS destination is enabled in Privacera Manager (
vars.auditserver.yml). - Object storage via Audit Fluentd: Audit Server forwards audits over HTTP to Audit Fluentd. Fluentd writes objects to one of Amazon S3, Azure Blob / ADLS, or Google Cloud Storage, selected by
AUDIT_FLUENTD_AUDIT_DESTINATIONinvars.audit-fluentd.yml. Fluentd is configured for one cloud destination at a time.
flowchart LR
subgraph Sources["Sources"]
RP["Apache Ranger Plugins"]
PC["Privacera Connectors"]
PDS["Privacera DataServer"]
end
AUD["Audit Server"]
AF["Audit Fluentd"]
subgraph SolrDest["Default destination"]
Solr["Apache Solr"]
end
subgraph SqsDest["Optional: direct queue"]
SQS["Amazon SQS"]
end
subgraph ObjViaFluentd["Fluentd (one destination at a time)"]
Obj["S3 or Azure or GCS"]
end
RP --> AUD
PC --> AUD
PDS --> AUD
AUD --> Solr
AUD --> SQS
AUD -->|HTTP| AF
AF --> Obj- Next Setup