(ozone) branch master updated: HDDS-11306. OM support system audit log (#7061)

Tue, 13 Aug 2024 21:35:16 -0700 

This is an automated email from the ASF dual-hosted git repository.

devesh pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ozone.git


The following commit(s) were added to refs/heads/master by this push:
     new 31ec026380 HDDS-11306. OM support system audit log (#7061)
31ec026380 is described below

commit 31ec0263805f9cbc28f5633e4c0b71d1d1be1ea7
Author: Sumit Agrawal <[email protected]>
AuthorDate: Wed Aug 14 10:05:07 2024 +0530

    HDDS-11306. OM support system audit log (#7061)
---
 .../apache/hadoop/ozone/audit/AuditLoggerType.java |  3 ++-
 .../dist/src/shell/conf/om-audit-log4j2.properties | 30 ++++++++++++++++++++--
 .../apache/hadoop/ozone/audit/OMSystemAction.java  | 21 +++++----------
 .../org/apache/hadoop/ozone/om/OzoneManager.java   | 19 ++++++++++++++
 4 files changed, 56 insertions(+), 17 deletions(-)

diff --git 
a/hadoop-hdds/framework/src/main/java/org/apache/hadoop/ozone/audit/AuditLoggerType.java
 
b/hadoop-hdds/framework/src/main/java/org/apache/hadoop/ozone/audit/AuditLoggerType.java
index d37d22118d..8dec4f4fc3 100644
--- 
a/hadoop-hdds/framework/src/main/java/org/apache/hadoop/ozone/audit/AuditLoggerType.java
+++ 
b/hadoop-hdds/framework/src/main/java/org/apache/hadoop/ozone/audit/AuditLoggerType.java
@@ -24,7 +24,8 @@ public enum AuditLoggerType {
   DNLOGGER("DNAudit"),
   OMLOGGER("OMAudit"),
   SCMLOGGER("SCMAudit"),
-  S3GLOGGER("S3GAudit");
+  S3GLOGGER("S3GAudit"),
+  OMSYSTEMLOGGER("OMSystemAudit");
 
   private String type;
 
diff --git a/hadoop-ozone/dist/src/shell/conf/om-audit-log4j2.properties 
b/hadoop-ozone/dist/src/shell/conf/om-audit-log4j2.properties
index b9b11bb628..40d02bae2c 100644
--- a/hadoop-ozone/dist/src/shell/conf/om-audit-log4j2.properties
+++ b/hadoop-ozone/dist/src/shell/conf/om-audit-log4j2.properties
@@ -60,7 +60,7 @@ filter.write.onMismatch=NEUTRAL
 #appender.console.layout.pattern=%d{DEFAULT} | %-5level | %c{1} | %msg | 
%throwable{3} %n
 
 # Comment this line when using both console and rolling appenders
-appenders=rolling
+appenders=rolling,sysrolling
 
 # Rolling File Appender with size & time thresholds.
 # Rolling is triggered when either threshold is breached.
@@ -88,13 +88,39 @@ 
appender.rolling.strategy.delete.ifFileName.glob=om-audit-*.log.gz
 appender.rolling.strategy.delete.ifLastModified.type=IfLastModified
 appender.rolling.strategy.delete.ifLastModified.age=30d
 
-loggers=audit
+appender.sysrolling.type=RollingFile
+appender.sysrolling.name=SysRollingFile
+appender.sysrolling.fileName 
=${sys:hadoop.log.dir}/om-sys-audit-${hostName}.log
+appender.sysrolling.filePattern=${sys:hadoop.log.dir}/om-sys-audit-${hostName}-%d{yyyy-MM-dd-HH-mm-ss}-%i.log.gz
+appender.sysrolling.layout.type=PatternLayout
+appender.sysrolling.layout.pattern=%d{DEFAULT} | %-5level | %c{1} | %msg | 
%throwable{3} %n
+appender.sysrolling.policies.type=Policies
+appender.sysrolling.policies.time.type=TimeBasedTriggeringPolicy
+appender.sysrolling.policies.time.interval=86400
+appender.sysrolling.policies.size.type=SizeBasedTriggeringPolicy
+appender.sysrolling.policies.size.size=64MB
+appender.sysrolling.strategy.type=DefaultRolloverStrategy
+appender.sysrolling.strategy.delete.type=Delete
+appender.sysrolling.strategy.delete.basePath=${sys:hadoop.log.dir}
+appender.sysrolling.strategy.delete.maxDepth=1
+appender.sysrolling.strategy.delete.ifFileName.type=IfFileName
+appender.sysrolling.strategy.delete.ifFileName.glob=om-sys-audit-*.log.gz
+appender.sysrolling.strategy.delete.ifLastModified.type=IfLastModified
+appender.sysrolling.strategy.delete.ifLastModified.age=30d
+
+loggers=audit,sysaudit
 logger.audit.type=AsyncLogger
 logger.audit.name=OMAudit
 logger.audit.level=INFO
 logger.audit.appenderRefs=rolling
 logger.audit.appenderRef.file.ref=RollingFile
 
+logger.sysaudit.type=AsyncLogger
+logger.sysaudit.name=OMSystemAudit
+logger.sysaudit.level=INFO
+logger.sysaudit.appenderRefs=sysrolling
+logger.sysaudit.appenderRef.file.ref=SysRollingFile
+
 rootLogger.level=INFO
 #rootLogger.appenderRefs=stdout
 #rootLogger.appenderRef.stdout.ref=STDOUT
diff --git 
a/hadoop-hdds/framework/src/main/java/org/apache/hadoop/ozone/audit/AuditLoggerType.java
 
b/hadoop-ozone/ozone-manager/src/main/java/org/apache/hadoop/ozone/audit/OMSystemAction.java
similarity index 73%
copy from 
hadoop-hdds/framework/src/main/java/org/apache/hadoop/ozone/audit/AuditLoggerType.java
copy to 
hadoop-ozone/ozone-manager/src/main/java/org/apache/hadoop/ozone/audit/OMSystemAction.java
index d37d22118d..9f5b6ccebc 100644
--- 
a/hadoop-hdds/framework/src/main/java/org/apache/hadoop/ozone/audit/AuditLoggerType.java
+++ 
b/hadoop-ozone/ozone-manager/src/main/java/org/apache/hadoop/ozone/audit/OMSystemAction.java
@@ -18,21 +18,14 @@
 package org.apache.hadoop.ozone.audit;
 
 /**
- * Enumeration for defining types of Audit Loggers in Ozone.
+ * Enum to define Audit Action types for system audit in OzoneManager. This 
will in addition to OMAction
+ * as present for request.
  */
-public enum AuditLoggerType {
-  DNLOGGER("DNAudit"),
-  OMLOGGER("OMAudit"),
-  SCMLOGGER("SCMAudit"),
-  S3GLOGGER("S3GAudit");
+public enum OMSystemAction implements AuditAction {
+  STARTUP;
 
-  private String type;
-
-  public String getType() {
-    return type;
-  }
-
-  AuditLoggerType(String type) {
-    this.type = type;
+  @Override
+  public String getAction() {
+    return this.toString();
   }
 }
diff --git 
a/hadoop-ozone/ozone-manager/src/main/java/org/apache/hadoop/ozone/om/OzoneManager.java
 
b/hadoop-ozone/ozone-manager/src/main/java/org/apache/hadoop/ozone/om/OzoneManager.java
index 03896a042e..9ceb9bb96d 100644
--- 
a/hadoop-ozone/ozone-manager/src/main/java/org/apache/hadoop/ozone/om/OzoneManager.java
+++ 
b/hadoop-ozone/ozone-manager/src/main/java/org/apache/hadoop/ozone/om/OzoneManager.java
@@ -91,6 +91,7 @@ import org.apache.hadoop.hdds.utils.db.Table;
 import org.apache.hadoop.hdds.utils.db.Table.KeyValue;
 import org.apache.hadoop.hdds.utils.db.TableIterator;
 import org.apache.hadoop.ozone.OzoneManagerVersion;
+import org.apache.hadoop.ozone.audit.OMSystemAction;
 import org.apache.hadoop.ozone.om.helpers.LeaseKeyInfo;
 import org.apache.hadoop.ozone.om.helpers.ListOpenFilesResult;
 import org.apache.hadoop.ozone.om.helpers.SnapshotDiffJob;
@@ -351,6 +352,9 @@ public final class OzoneManager extends 
ServiceRuntimeInfoImpl
   private static final AuditLogger AUDIT = new AuditLogger(
       AuditLoggerType.OMLOGGER);
 
+  private static final AuditLogger SYSTEMAUDIT = new AuditLogger(
+      AuditLoggerType.OMSYSTEMLOGGER);
+
   private static final String OM_DAEMON = "om";
 
   // This is set for read requests when OMRequest has S3Authentication set,
@@ -1644,11 +1648,15 @@ public final class OzoneManager extends 
ServiceRuntimeInfoImpl
    * Start service.
    */
   public void start() throws IOException {
+    Map<String, String> auditMap = new HashMap();
+    auditMap.put("OmState", omState.name());
     if (omState == State.BOOTSTRAPPING) {
       if (isBootstrapping) {
+        auditMap.put("Bootstrap", "normal");
         // Check that all OM configs have been updated with the new OM info.
         checkConfigBeforeBootstrap();
       } else if (isForcedBootstrapping) {
+        auditMap.put("Bootstrap", "force");
         LOG.warn("Skipped checking whether existing OM configs have been " +
             "updated with this OM information as force bootstrap is called.");
       }
@@ -1736,12 +1744,17 @@ public final class OzoneManager extends 
ServiceRuntimeInfoImpl
     }
 
     omState = State.RUNNING;
+    auditMap.put("NewOmState", omState.name());
+    
SYSTEMAUDIT.logWriteSuccess(buildAuditMessageForSuccess(OMSystemAction.STARTUP, 
auditMap));
   }
 
   /**
    * Restarts the service. This method re-initializes the rpc server.
    */
   public void restart() throws IOException {
+    Map<String, String> auditMap = new HashMap();
+    auditMap.put("OmState", omState.name());
+    auditMap.put("Trigger", "restart");
     setInstanceVariablesFromConf();
 
     LOG.info(buildRpcServerStartMessage("OzoneManager RPC server",
@@ -1808,6 +1821,8 @@ public final class OzoneManager extends 
ServiceRuntimeInfoImpl
     startJVMPauseMonitor();
     setStartTime();
     omState = State.RUNNING;
+    auditMap.put("NewOmState", omState.name());
+    
SYSTEMAUDIT.logWriteSuccess(buildAuditMessageForSuccess(OMSystemAction.STARTUP, 
auditMap));
   }
 
   /**
@@ -3037,6 +3052,10 @@ public final class OzoneManager extends 
ServiceRuntimeInfoImpl
     return AUDIT;
   }
 
+  public AuditLogger getSystemAuditLogger() {
+    return SYSTEMAUDIT;
+  }
+
   @Override
   public AuditMessage buildAuditMessageForSuccess(AuditAction op,
       Map<String, String> auditMap) {


---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to