Linux-UNIX: Preliminary configuration

This section covers the preparatory configuration: the Navigator auditing component, verifying that TLS/SSL is configured correctly for Kafka, installing S-TAP on a server

Procedure

  1. Configure the Navigator auditing component.
    • If you do not already have Navigator configured to audit the supported services as normal, without Guardium, refer to Cloudera documentation for more information about setting that up. Be aware that you may need to specifically enable the configuration for each service, depending on the level of Cloudera that you have. Solr auditing is disabled by default. You must enable it following the instructions in the Cloudera documentation.
      Figure 1. Enabling Solr audit in Cloudera Manager
      Enabling Solr audit in Cloudera Manager
    • To get Impala traffic, you need to enable Impala Daemon auditing as described in the Cloudera documentation. Here’s a screenshot from the Impala service configuration in Cloudera Manager that shows Impala audit event generation is enabled.
      Figure 2. Enabling audit events for Impala in Cloudera Manager
      Enabling audit events for Impala in Cloudera Manager
  2. Verify that TLS/SSL is configured correctly for Kafka.

    The Kafka cluster you use for producing Cloudera audit events must not be configured with required SSL client authentication. In Cloudera Manager, go to Kafka > Configuration > SSL client authentication and choose the none or requested radio button.

  3. Install the S-TAP on the designated server inside or outside of the Hadoop cluster.
    1. Use the appropriate procedure for your system. See Linux-UNIX: Installing, upgrading and uninstalling S-TAP agents.
    2. Verify connectivity between the S-TAP and the Guardium system. The S-TAP status should be green in the S-TAP Status Monitor page. Go to Manage > System View > S-TAP Status Monitor.