This is an automated email from the ASF dual-hosted git repository.
morningman pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/doris.git
The following commit(s) were added to refs/heads/master by this push:
new 8551ac90860 [feature](audit) add new FE config to skip audit for
certain user (#38310)
8551ac90860 is described below
commit 8551ac90860bb809f17b6479368abfd490072ca9
Author: Mingyu Chen <[email protected]>
AuthorDate: Thu Jul 25 14:00:06 2024 +0800
[feature](audit) add new FE config to skip audit for certain user (#38310)
Sometime we don't want to audit operation from certain user in audit log
or audit table.
Add a new FE config `skip_audit_user_list`.
Default is empty, which means all operations will be recorded.
When you want to ignore some user's operation, you can set this config
like:
```
skip_audit_user_list=user1
--or
skip_audit_user_list=user1,user2
```
---
.../main/java/org/apache/doris/common/Config.java | 7 +++++++
.../org/apache/doris/qe/AuditEventProcessor.java | 22 ++++++++++++++++++++++
2 files changed, 29 insertions(+)
diff --git a/fe/fe-common/src/main/java/org/apache/doris/common/Config.java
b/fe/fe-common/src/main/java/org/apache/doris/common/Config.java
index 7af0da4f9d6..f3629537b2c 100644
--- a/fe/fe-common/src/main/java/org/apache/doris/common/Config.java
+++ b/fe/fe-common/src/main/java/org/apache/doris/common/Config.java
@@ -2525,6 +2525,13 @@ public class Config extends ConfigBase {
@ConfField(mutable = true)
public static int query_audit_log_timeout_ms = 5000;
+ @ConfField(description = {
+ "在这个列表中的用户的操作,不会被记录到审计日志中。多个用户之间用逗号分隔。",
+ "The operations of the users in this list will not be recorded in
the audit log. "
+ + "Multiple users are separated by commas."
+ })
+ public static String skip_audit_user_list = "";
+
@ConfField(mutable = true)
public static int be_report_query_statistics_timeout_ms = 60000;
diff --git
a/fe/fe-core/src/main/java/org/apache/doris/qe/AuditEventProcessor.java
b/fe/fe-core/src/main/java/org/apache/doris/qe/AuditEventProcessor.java
index e2c45ae39ae..12e174ab5d0 100644
--- a/fe/fe-core/src/main/java/org/apache/doris/qe/AuditEventProcessor.java
+++ b/fe/fe-core/src/main/java/org/apache/doris/qe/AuditEventProcessor.java
@@ -17,17 +17,21 @@
package org.apache.doris.qe;
+import org.apache.doris.common.Config;
import org.apache.doris.plugin.AuditPlugin;
import org.apache.doris.plugin.Plugin;
import org.apache.doris.plugin.PluginInfo.PluginType;
import org.apache.doris.plugin.PluginMgr;
import org.apache.doris.plugin.audit.AuditEvent;
+import com.google.common.base.Strings;
import com.google.common.collect.Queues;
+import com.google.common.collect.Sets;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import java.util.List;
+import java.util.Set;
import java.util.concurrent.BlockingQueue;
import java.util.concurrent.TimeUnit;
@@ -49,16 +53,30 @@ public class AuditEventProcessor {
private volatile boolean isStopped = false;
+ private Set<String> skipAuditUsers = Sets.newHashSet();
+
public AuditEventProcessor(PluginMgr pluginMgr) {
this.pluginMgr = pluginMgr;
}
public void start() {
+ initSkipAuditUsers();
workerThread = new Thread(new Worker(), "AuditEventProcessor");
workerThread.setDaemon(true);
workerThread.start();
}
+ private void initSkipAuditUsers() {
+ if (Strings.isNullOrEmpty(Config.skip_audit_user_list)) {
+ return;
+ }
+ String[] users = Config.skip_audit_user_list.replaceAll(" ",
"").split(",");
+ for (String user : users) {
+ skipAuditUsers.add(user);
+ }
+ LOG.info("skip audit users: {}", skipAuditUsers);
+ }
+
public void stop() {
isStopped = true;
if (workerThread != null) {
@@ -75,6 +93,10 @@ public class AuditEventProcessor {
}
public boolean handleAuditEvent(AuditEvent auditEvent, boolean
ignoreQueueFullLog) {
+ if (skipAuditUsers.contains(auditEvent.user)) {
+ // return true to ignore this event
+ return true;
+ }
boolean isAddSucc = true;
try {
eventQueue.add(auditEvent);
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
