is it possible to turn on query audit at bucket level. For example, if I want to monitor who is firing queries against a bucket, can I log all those queries in the audit log for that bucket only. Also currently if I turn audit log for queries, all queries are logged in audit.log, Is it possible to route all query logs to a different log file so that I can clean that up in a periodic basis.
You can enable at the service/statement level, Not at bucket level. cc @binh.le
How do we set it up at the statement level. Can you please direct me to the documentation regarding that
Auditing can be configured by means of Couchbase Web Console: see the information provided in Manage Auditing. To capture N1QL-related events, use the Query and Index Service panel. Events available to be audited include ones issued through the SDK, the Query workbench, and the Query Shell.
https://docs.couchbase.com/server/current/manage/manage-security/manage-auditing.html
https://docs.couchbase.com/server/current/n1ql/n1ql-language-reference/n1ql-auditing.html
Hi, may be I am missing something in the documentation. I am aware how to enable auditing for Query and Index service. If I enable it, it will be enabled for all the queries. But in your response you mentioned that there is a way to set it up at statement/query level. I am trying to find out how to enable audit log at query level. For example, how do I enable this for certain queries only.
You can choose Service (Query or Data or Analytic or …)
Statement level ( With in query service you can choose SELECT or UPDATE or INSERT, All those statement types will be audited.) .
You will not able to Audit specific SELECT statement based on bucket only. There might way to filter the the audit records on based on your needs.
Thanks a lot, I got my answer