Bringing together the Apache Cassandra experts from the community and DataStax.

Want to learn? Have a question? Want to share your expertise? You are in the right place!

Not sure where to begin? Getting Started

 

question

cbebek avatar image
cbebek asked cbebek edited

querying the audit table efficiently

How to best query the default audit table dse_audit.audit_log by an event_time range?
The docs say it has PRIMARY KEY ((date, “node”, day_partition), event_time), of course:

"select XXXXX from dse_audit.audit_log WHERE event_time > minTimeuuid('YYYYY') AND event_time <= maxTimeuuid('ZZZZZ')"

will (too) slowly traverse all partitions.

I supposed I can refine and specify a date range and day_partition in the query?
I'm also wondering if I can use tokens? Note that I won't know the structure of the nodes/cluster. I just have permission to query the audit table.

Also does the date field correspond to the date in event_time? Or that's a date when the record is written to the table?

TYIA

performanceclustering keypartitionaudit logging
10 |1000 characters needed characters left characters exceeded

Up to 8 attachments (including images) can be used with a maximum of 1.0 MiB each and 10.0 MiB total.

0 Answers