Linux-UNIX: Configuring the preliminary settings

Verify that TLS/SSL is configured correctly for Kafka and install S-TAP on a server as part of the preparatory configuration for the Navigator auditing component,

1. Configure the Navigator auditing component.
   • If you did not already configure the Navigator to audit the supported services as normal, without Guardium, refer to Enabling Audit and Log Collection for Services in Cloudera documentation. You might need to specifically enable the configuration for each service, depending on the level of Cloudera that you have. Solr auditing is disabled by default. Enable it following the instructions in the Cloudera documentation.
   • To get Impala traffic, you need to enable Impala Daemon auditing as described in Configuring Impala Daemon Logging in the Cloudera documentation.
2. Verify that TLS/SSL is configured correctly for Kafka.

   The Kafka cluster that you use for producing Cloudera audit events must not be configured with required SSL client authentication. For more information, see Configure TLS/SSL client authentication for Kafka brokers in Cloudera documentation.

3. Install the S-TAP on the designated server inside or outside of the Hadoop cluster.
   1. Use the appropriate procedure for your system. See Linux-UNIX: Installing, upgrading and uninstalling S-TAP agents.
   2. Verify connectivity between the S-TAP and the Guardium system. The S-TAP status must be green in the S-TAP Status Monitor page. Go to Manage > System View > S-TAP Status Monitor.