Skip to main content

Privacera Documentation

Configure Solr destination on Privacera Platform

You can set up AuditServer to receive audits from Privacera plugins and Ranger Admin and send those audits to Solr and Fluentd. You can use AuditServer to keep the audits beyond a 90-day period.

By default, the Ranger plugin sends audits to Solr, where they expire after a 90-day period. To change the audit log expiry period, refer to the MAX_AUDIT_RETENTION_DAYS property in Solr properties on Privacera Platform.

To configure a Solr destination on Privacera Platform, follow these steps:

  1. SSH to an instance where Privacera is installed.

  2. Run the following commands.

    cd ~/privacera/privacera-manager
    cp config/sample-vars/vars.auditserver.yml config/custom-vars/
    vi config/custom-vars/vars.auditserver.yml
    
  3. Edit the following properties. For property details, see AuditServer configuration properties on Privacera Platform.

    AUDITSERVER_AUTH_TYPE: "<PLEASE_CHANGE>"
    AUDITSERVER_AUTH_USER: "<PLEASE_CHANGE>"
    AUDITSERVER_AUTH_PASSWORD: "<PLEASE_CHANGE>"
    AUDITSERVER_SOLR_DESTINATION: "<PLEASE_CHANGE>"
    ADMIN_AUDITSERVER_SOLR_DESTINATION: "<PLEASE_CHANGE>"
    
  4. Run the following commands.

    cd ~/privacera/privacera-manager
    ./privacera-manager.sh update
    

AuditServer configuration properties on Privacera Platform

The property names prefixed with ADMIN_ refer to Privacera Ranger Admin, whereas the others refer to Privacera Portal.

Property

Description

Example

AUDITSERVER_AUTH_TYPE

Set this property to enable basic authentication.

Value: None/Basic

basic

AUDITSERVER_AUTH_USER

AUDITSERVER_AUTH_PASSWORD

If the above authentication type is set to basic, assign a username and password. You can assign any user credentials.

Value: True/False

AUDITSERVER_AUTH_USER: "padmin"

AUDITSERVER_AUTH_PASSWORD: "padmin"

AUDITSERVER_SOLR_DESTINATION

ADMIN_AUDITSERVER_SOLR_DESTINATION

Set to true if the audit destination is Solr.