Sure, responses in-line:
But the query logs will tell me which user accessed which dataset. And by access I specifically mean place the dataset into their space.
Yes query logs tell you dataset access for all users. It doesn’t matter which data source or space the dataset is located under, as long as it’s available in Dremio.
I assume a user can not view a dataset without putting the dataset into their space. And, when someone is a user in dremio open source, that user has access to all sources of data sitting in the lake.
In community edition, all datasets can be viewed by any user, regardless where they live. No need to “share” a space or a dataset, because it’ll already be accessible for all users. Of course, datasets need to be accessible from Dremio first – meaning it needs to be added as a data source or uploaded into a user’s home space.
Community dremio can not confine a data user to a specific dataset within the lake, nor can it give access to a user to just some of the datasets in the lake.
Dremio open source will not track/log when a user is logged or logged out of dremio.
I need to double check on this, not sure how what we exactly log for different scenarios: UI logins, JDBC/ODBC authentications, etc. What is your main audit focus here – UI logins or other connectivity?