Linux-UNIX: Validate and troubleshoot the Cloudera configuration
Check that the Cloudera configuration successfully captures traffic.
Procedure
- Go to the S-TAP Status Monitor page and verify that the S-TAP is still green. (Inspection engine verification is not supported for Hadoop sources, so that status is always Unverified.)
- Install a Guardium policy, or use the default policy, then run some simple HDFS or Hive commands on the Cloudera cluster and confirm that the traffic appears in a report or, after a bit of time, in the investigation dashboard.
- Troubleshooting: If you are not seeing traffic from Navigator, check the following:
  - In Cloudera Manager, verify that auditing is enabled for each service you want to monitor.
  - Is integration enabled? Check the S-TAP configuration to make sure that kafka_reader_enabled=1.
  - Are the Kerberos principal and path correct?
  - Are the Kafka bootstrap servers up and running?
  - If TLS is checked in the GUI, verify that Kafka is set up for TLS, and vice versa. Also verify that TLS on Kafka is not configured with client authentication required.
  - Double-check your Guardium policy to make sure you are logging the traffic you expect to see from Navigator.
  - Check your report to see if you have defined it correctly. (Server type group, now –n days, and so on.)
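The host-side items in the troubleshooting list (reader flag, Kerberos principal, bootstrap servers) can be checked from a shell, as in this added example, which is not part of the Guardium product or documentation. The function names are hypothetical, and the S-TAP configuration file path, keytab path, principal and bootstrap list are supplied by the caller; TLS settings are not checked here.

```shell
#!/bin/sh
# Added example: pre-checks for the Navigator/Kafka troubleshooting list.
# Usage (all four values are yours to supply; none are defaults from the page):
#   sh check_kafka_reader.sh <stap-config> <keytab> <principal> <host:port,host:port>

# Succeeds only if the config has an uncommented kafka_reader_enabled=1 line.
kafka_reader_enabled() {
    grep -Eq '^[[:space:]]*kafka_reader_enabled[[:space:]]*=[[:space:]]*1[[:space:]]*$' "$1"
}

# Succeeds if the keytab lists the principal (needs MIT Kerberos klist).
keytab_has_principal() {
    klist -kt "$1" 2>/dev/null | grep -Fq -- "$2"
}

# Prints one "host port" pair per line; fails on any entry that is not
# host:port with a numeric port.
split_bootstrap() {
    old_ifs=$IFS; set -f; IFS=','
    set -- $1
    IFS=$old_ifs; set +f
    [ "$#" -gt 0 ] || return 1
    for entry in "$@"; do
        case "$entry" in *:*) ;; *) return 1 ;; esac
        host=${entry%:*}; port=${entry##*:}
        case "$port" in ''|*[!0-9]*) return 1 ;; esac
        [ -n "$host" ] || return 1
        echo "$host $port"
    done
}

# TCP connect test with a 3-second limit (uses bash's /dev/tcp).
broker_reachable() {
    timeout 3 bash -c 'exec 3<>"/dev/tcp/$1/$2"' _ "$1" "$2" 2>/dev/null
}

check_all() {
    rc=0
    kafka_reader_enabled "$1" || { echo "FAIL: kafka_reader_enabled is not 1 in $1"; rc=1; }
    keytab_has_principal "$2" "$3" || { echo "FAIL: $3 not found in keytab $2"; rc=1; }
    pairs=$(split_bootstrap "$4") || { echo "FAIL: malformed bootstrap list: $4"; return 1; }
    while read -r h p; do
        broker_reachable "$h" "$p" || { echo "FAIL: cannot connect to $h:$p"; rc=1; }
    done <<EOF
$pairs
EOF
    return $rc
}

if [ "$#" -eq 4 ]; then check_all "$@"; fi
```

A successful TCP connect only shows that a broker port is listening; it does not confirm that the listener's TLS setting matches the GUI checkbox.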