Hadoop Logs: Relating and Interpretation
The other day, a very annoyed director of business intelligence (at a client site) stormed into my office and complained about one of the contractors deleting some ledger records from a production server. She had received a daily summary audit log report that showed 300 ledger records (financial transaction entries) had been deleted! To start with, the contractor in question shouldn’t have had access to them. So I investigated, and it turned out that the ERP (enterprise resource planning) software that the client was using had a bug that provided access through the “Public” role. I wouldn’t have discovered the bug if I didn’t have audit logging enabled, which proves how important audit logging can be from a security perspective.