[ozone] branch master updated: HDDS-6532. Enable READ audit log by default (#3255)

dineshc Tue, 19 Apr 2022 11:42:41 -0700

This is an automated email from the ASF dual-hosted git repository.

dineshc pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ozone.git



The following commit(s) were added to refs/heads/master by this push:
     new 172947815b HDDS-6532. Enable READ audit log by default (#3255)
172947815b is described below

commit 172947815bb48fc3ba2e5ac499eee6dfeaf60255
Author: Symious <[email protected]>
AuthorDate: Wed Apr 20 02:42:30 2022 +0800

    HDDS-6532. Enable READ audit log by default (#3255)
---
 .../hadoop/ozone/audit/TestOzoneAuditLogger.java   | 43 ++++++++++++++--------
 .../common/src/test/resources/auditlog.properties  |  2 +-
 .../dist/src/shell/conf/dn-audit-log4j2.properties |  2 +-
 .../dist/src/shell/conf/om-audit-log4j2.properties |  2 +-
 .../src/shell/conf/s3g-audit-log4j2.properties     |  2 +-
 .../src/shell/conf/scm-audit-log4j2.properties     |  2 +-
 6 files changed, 33 insertions(+), 20 deletions(-)

diff --git 
a/hadoop-hdds/common/src/test/java/org/apache/hadoop/ozone/audit/TestOzoneAuditLogger.java
 
b/hadoop-hdds/common/src/test/java/org/apache/hadoop/ozone/audit/TestOzoneAuditLogger.java
index 645d88bd65..1b8e744554 100644
--- 
a/hadoop-hdds/common/src/test/java/org/apache/hadoop/ozone/audit/TestOzoneAuditLogger.java
+++ 
b/hadoop-hdds/common/src/test/java/org/apache/hadoop/ozone/audit/TestOzoneAuditLogger.java
@@ -119,10 +119,10 @@ public class TestOzoneAuditLogger {
   }
 
   /**
-   * Test to verify default log level is INFO when logging success events.
+   * Test to verify default log level is INFO when logging WRITE success 
events.
    */
   @Test
-  public void verifyDefaultLogLevelForSuccess() throws IOException {
+  public void verifyDefaultLogLevelForWriteSuccess() throws IOException {
     AUDIT.logWriteSuccess(WRITE_SUCCESS_MSG);
     String expected =
         "INFO  | OMAudit | ? | " + WRITE_SUCCESS_MSG.getFormattedMessage();
@@ -130,16 +130,39 @@ public class TestOzoneAuditLogger {
   }
 
   /**
-   * Test to verify default log level is ERROR when logging failure events.
+   * Test to verify default log level is ERROR when logging WRITE failure
+   * events.
    */
   @Test
-  public void verifyDefaultLogLevelForFailure() throws IOException {
+  public void verifyDefaultLogLevelForWriteFailure() throws IOException {
     AUDIT.logWriteFailure(WRITE_FAIL_MSG);
     String expected =
         "ERROR | OMAudit | ? | " + WRITE_FAIL_MSG.getFormattedMessage();
     verifyLog(expected);
   }
 
+  /**
+   * Test to verify default log level is INFO when logging READ success events.
+   */
+  @Test
+  public void verifyDefaultLogLevelForReadSuccess() throws IOException {
+    AUDIT.logReadSuccess(READ_SUCCESS_MSG);
+    String expected =
+        "INFO  | OMAudit | ? | " + READ_SUCCESS_MSG.getFormattedMessage();
+    verifyLog(expected);
+  }
+
+  /**
+   * Test to verify default log level is ERROR when logging READ failure 
events.
+   */
+  @Test
+  public void verifyDefaultLogLevelForFailure() throws IOException {
+    AUDIT.logReadFailure(READ_FAIL_MSG);
+    String expected =
+        "ERROR | OMAudit | ? | " + READ_FAIL_MSG.getFormattedMessage();
+    verifyLog(expected);
+  }
+
   @Test
   public void messageIncludesAllParts() {
     String message = WRITE_FAIL_MSG.getFormattedMessage();
@@ -150,16 +173,6 @@ public class TestOzoneAuditLogger {
     assertTrue(message, message.contains(FAILURE.getStatus()));
   }
 
-  /**
-   * Test to verify no READ event is logged.
-   */
-  @Test
-  public void notLogReadEvents() throws IOException {
-    AUDIT.logReadSuccess(READ_SUCCESS_MSG);
-    AUDIT.logReadFailure(READ_FAIL_MSG);
-    verifyNoLog();
-  }
-
   /**
    * Test to verify no WRITE event is logged.
    */
@@ -173,10 +186,10 @@ public class TestOzoneAuditLogger {
     AUDIT.logWriteSuccess(WRITE_SUCCESS_MSG);
     verifyNoLog();
   }
+  
   /**
    * Test to verify if multiline entries can be checked.
    */
-
   @Test
   public void messageIncludesMultilineException() throws IOException {
     String exceptionMessage = "Dummy exception message";
diff --git a/hadoop-hdds/common/src/test/resources/auditlog.properties 
b/hadoop-hdds/common/src/test/resources/auditlog.properties
index 85c18b55f1..959da047fb 100644
--- a/hadoop-hdds/common/src/test/resources/auditlog.properties
+++ b/hadoop-hdds/common/src/test/resources/auditlog.properties
@@ -28,7 +28,7 @@ filter=read, write
 # in the configuration
 filter.read.type = MarkerFilter
 filter.read.marker = READ
-filter.read.onMatch = DENY
+filter.read.onMatch = NEUTRAL
 filter.read.onMismatch = NEUTRAL
 
 # filter.write.onMatch = DENY avoids logging all WRITE events
diff --git a/hadoop-ozone/dist/src/shell/conf/dn-audit-log4j2.properties 
b/hadoop-ozone/dist/src/shell/conf/dn-audit-log4j2.properties
index 3c4d045759..479b455fb8 100644
--- a/hadoop-ozone/dist/src/shell/conf/dn-audit-log4j2.properties
+++ b/hadoop-ozone/dist/src/shell/conf/dn-audit-log4j2.properties
@@ -28,7 +28,7 @@ filter=read,write
 # in the configuration
 filter.read.type=MarkerFilter
 filter.read.marker=READ
-filter.read.onMatch=DENY
+filter.read.onMatch=NEUTRAL
 filter.read.onMismatch=NEUTRAL
 
 # filter.write.onMatch=DENY avoids logging all WRITE events
diff --git a/hadoop-ozone/dist/src/shell/conf/om-audit-log4j2.properties 
b/hadoop-ozone/dist/src/shell/conf/om-audit-log4j2.properties
index 57577e162d..af707fdf2e 100644
--- a/hadoop-ozone/dist/src/shell/conf/om-audit-log4j2.properties
+++ b/hadoop-ozone/dist/src/shell/conf/om-audit-log4j2.properties
@@ -28,7 +28,7 @@ filter=read,write
 # in the configuration
 filter.read.type=MarkerFilter
 filter.read.marker=READ
-filter.read.onMatch=DENY
+filter.read.onMatch=NEUTRAL
 filter.read.onMismatch=NEUTRAL
 
 # filter.write.onMatch=DENY avoids logging all WRITE events
diff --git a/hadoop-ozone/dist/src/shell/conf/s3g-audit-log4j2.properties 
b/hadoop-ozone/dist/src/shell/conf/s3g-audit-log4j2.properties
index 6d516628c5..8bc374e200 100644
--- a/hadoop-ozone/dist/src/shell/conf/s3g-audit-log4j2.properties
+++ b/hadoop-ozone/dist/src/shell/conf/s3g-audit-log4j2.properties
@@ -28,7 +28,7 @@ filter=read,write
 # in the configuration
 filter.read.type=MarkerFilter
 filter.read.marker=READ
-filter.read.onMatch=DENY
+filter.read.onMatch=NEUTRAL
 filter.read.onMismatch=NEUTRAL
 
 # filter.write.onMatch=DENY avoids logging all WRITE events
diff --git a/hadoop-ozone/dist/src/shell/conf/scm-audit-log4j2.properties 
b/hadoop-ozone/dist/src/shell/conf/scm-audit-log4j2.properties
index 3f81561cc4..e8c46d60ff 100644
--- a/hadoop-ozone/dist/src/shell/conf/scm-audit-log4j2.properties
+++ b/hadoop-ozone/dist/src/shell/conf/scm-audit-log4j2.properties
@@ -28,7 +28,7 @@ filter=read,write
 # in the configuration
 filter.read.type=MarkerFilter
 filter.read.marker=READ
-filter.read.onMatch=DENY
+filter.read.onMatch=NEUTRAL
 filter.read.onMismatch=NEUTRAL
 
 # filter.write.onMatch=DENY avoids logging all WRITE events


---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

[ozone] branch master updated: HDDS-6532. Enable READ audit log by default (#3255)

Reply via email to