Production-level Hadoop ecosystems are implemented with sufficient authentication, authorization, and data security in place. We have already covered various ways to implement security in Hadoop in previous chapters. But, as discussed, implementation is one thing; monitoring and alerting are another. What if someone logs into your system using some other mechanism, or tries to enter your system by some other route? What if a user performs operations they are not allowed to?
Security monitoring
Security information and event management
Security information and event management (SIEM) is an audit that logs entries from the security system and converts them into actionable items. This actionable information...
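As an added illustration (not code from this chapter), the sketch below turns raw audit entries into actionable items by grouping denied operations per user and source address. It assumes the HDFS NameNode audit log as the source; the sample lines are constructed, and the function names and the threshold of three denials are hypothetical choices.

```python
import re
from collections import defaultdict

# Constructed sample entries in the HDFS NameNode audit log layout (assumed source).
SAMPLE_LOG = """\
2024-05-01 10:00:01,120 INFO FSNamesystem.audit: allowed=true\tugi=etl (auth:KERBEROS)\tip=/10.0.0.5\tcmd=open\tsrc=/data/sales/part-0\tdst=null\tperm=null
2024-05-01 10:02:11,004 INFO FSNamesystem.audit: allowed=false\tugi=bob (auth:KERBEROS)\tip=/10.0.0.9\tcmd=open\tsrc=/data/hr/salaries.csv\tdst=null\tperm=null
2024-05-01 10:02:12,310 INFO FSNamesystem.audit: allowed=false\tugi=bob (auth:KERBEROS)\tip=/10.0.0.9\tcmd=listStatus\tsrc=/data/hr\tdst=null\tperm=null
2024-05-01 10:02:15,777 INFO FSNamesystem.audit: allowed=false\tugi=bob (auth:KERBEROS)\tip=/10.0.0.9\tcmd=delete\tsrc=/data/hr/salaries.csv\tdst=null\tperm=null
2024-05-01 10:05:40,001 INFO FSNamesystem.audit: allowed=false\tugi=carol (auth:KERBEROS)\tip=/10.0.0.7\tcmd=open\tsrc=/tmp/scratch\tdst=null\tperm=null
this line is not an audit record
"""

AUDIT_RE = re.compile(
    r"^(?P<ts>\S+ \S+) .*?allowed=(?P<allowed>true|false)\s+ugi=(?P<user>\S+)"
    r".*?\sip=/(?P<ip>\S+)\s+cmd=(?P<cmd>\S+)\s+src=(?P<src>\S+)"
)

def parse(line):
    """Return a dict for one audit entry, or None for lines that do not match."""
    m = AUDIT_RE.match(line)
    return m.groupdict() if m else None

def build_alerts(log_text, threshold=3):
    """Group denied operations per (user, ip); emit one alert per noisy pair."""
    denied = defaultdict(list)
    for line in log_text.splitlines():
        entry = parse(line)
        if entry and entry["allowed"] == "false":
            denied[(entry["user"], entry["ip"])].append(entry)
    alerts = []
    for (user, ip), events in sorted(denied.items()):
        if len(events) < threshold:
            continue  # isolated denials stay in the log without raising an alert
        alerts.append({
            "user": user,
            "ip": ip,
            "denied_count": len(events),
            "first_seen": events[0]["ts"],
            "last_seen": events[-1]["ts"],
            "commands": sorted({e["cmd"] for e in events}),
            "paths": sorted({e["src"] for e in events}),
        })
    return alerts

if __name__ == "__main__":
    for alert in build_alerts(SAMPLE_LOG):
        print(alert)
```

A single denial is often a typo or a misconfigured job, so the threshold keeps one-off events out of the alert queue while repeated denials from the same principal and address surface as one item to investigate.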