This page provides configuration details for Cassandra collectors.

Prerequisites

To monitor Cassandra with Database Visibility, you must be running version:

  • Apache Cassandra >= 3.11.4
  • Datastax Enterprise (DSE) Cassandra 5.1, >= 6.7.3

Connection Details


FieldDescription
Create New CollectorDatabase TypeThe Database type that you want to monitor.
AgentThe Database Agent that manages the collector.
Collector NameThe name you want to identify the collector by.
Connection DetailsHostname or IP AddressThe hostname or IP address of the machine that your database is running on.
Listener PortThe TCP/IP address of the port on which your database communicates with the Database Agent.
JMX PortThe port to remotely connect through JMX (optional for DSE Cassandra). See JMX Configurations.
JMX UsernameThe name of the JMX user who is connecting to and monitoring the database using the Database Agent. See JMX configurations.
JMX PasswordThe password of the JMX user who is connecting to and monitoring the database through the Database Agent.
Username and PasswordUsername

The name of the user who is connecting to and monitoring the database using the Database Agent. The user must have the permissions described in:

PasswordThe password of the user who is connecting to and monitoring the database through the Database Agent.
CyberArkClick to enable CyberArk for database username and password. When CyberArk is enabled, information about Application, Safe, Folder, and Object is required to fetch the username and password for your database. To use CyberArk with Database Visibility, you must download the JavaPasswordSDK.jar file from the CyberArk website and rename the file to cyberark-sdk-9.5.jar. Then, you must copy the JAR file to the lib directory of the database agent zip file.
Advanced Options

SSL Connection

Click to enable SSL Connection:

  • Truststore Location: Location of the certificate on the DB Agent host.
  • Truststore Type: Type of SSL Connection. There are two truststore types:
    PKCS12 (default)
    SSO: Enables auto-login. If you use SSO, you only need to provide the truststore location and truststore type
  • Truststore Password: Password for SSL Connection.

If you also use client certificate authentication, then click the Enable SSL Client Authentication box. 

  • Keystore Location: location of the certificate on the DB Agent host
  • Keystore Type: type of SSL Connection
  • Keystore Password: password for SSL Connection

You can set the context protocol for the SSL environment using the dbagent.cassandra.ssl.context.protocol system variable. If you do not set the context protocol through the system variable, TLSv1.3 is used by default.

These platforms support TLSv1.3:

  • Oracle JDK >= 8u261-b12
  • AdoptOpenJDK >= 8u262-b10
  • Azul Platform Prime >= 20.07.0.0

If a JDK version does not support TLSv1.3 or the specified context protocol, Splunk AppDynamics switches to TLSv1.2.

Monitor Operating SystemsSee Configure the Database Agent to Monitor Server Hardware.

Cassandra Configurations

These are the required configurations:

  • Query Capture Configurations

  • JMX Configurations for Apache/DSE Cassandra

    1. Open cassandra-env.sh file.
    2. To enable JMX for:

      1. local connection, under the if [ "$LOCAL_JMX" = "yes" ]; then  statement, set:

        JVM_OPTS="$JVM_OPTS -Dcom.sun.management.jmxremote.authenticate=true"
        CODE

      2. for remote connection, under the corresponding else statement, set:

        JVM_OPTS="$JVM_OPTS -Dcom.sun.management.jmxremote.authenticate=true"
        CODE

    3. Set the path to the credentials file, jmxremote.password:

      JVM_OPTS="$JVM_OPTS -Dcom.sun.management.jmxremote.password.file=PATH TO FILE"
      CODE

    4. In the jmxremote.password file, set JMX credentials to be the same as that of the database user credentials to be specified in the collector configuration:

      username password
      CODE

      You may choose to give ReadOnly JMX access to the database monitoring user by defining in the jmxremote.access file as mentioned in Enabling JMX authentication and authorization.

      If DB and JMX have different SSL key stores, use:

      • The DB SSL properties in the Controller collector configuration
      • The system properties to set the JMX SSL properties

      Run command:

      -Djavax.net.ssl.keyStore="<path-to-clientKeyStore>" -Djavax.net.ssl.keyStorePassword=<keystore-password> -Djavax.net.ssl.trustStore="<path-to-clientTruststore>" -Djavax.net.ssl.trustStorePassword=<client-truststore-password>
      CODE

      If JMX SSL is disabled, set "-Dcassandra.jmx.ssl.enabled" = false and if JMX SSL is enabled, then set "-Dcassandra.jmx.ssl.enabled" = true.

      To monitor the JMX SSL-enabled Cassandra database, add the following properties:

      Dcassandra.jmx.ssl.enabled=true -Djavax.net.ssl.trustStore="<truststore location>" -Djavax.net.ssl.trustStorePassword=<password>
      CODE

      If you are using a single Database Agent to monitor multiple Cassandra clusters where each Cassandra cluster has different root CAs.

      Then, to monitor these Cassandra clusters with different keystore credentials, create one trust store that contains all root CAs of Cassandra clusters and Controller certificates.

      For example, to import two root CAs, run the following command:

      keytool -import -alias <alias-of-CA1> -file <root-CA-of-DB1> -keystore <truststore-location1> -storepass <truststore-password1>
keytool -import -alias <alias-of-CA2> -file <root-CA-of-DB2> -keystore <truststore-location1> -storepass <truststore-password1>
      CODE

      For more information, see Enable SSL and SSH for Database Agent Communications.

      If you cannot create a single trust store, use different Database Agents while monitoring different Cassandra clusters.