This is an automated email from the ASF dual-hosted git repository.
weichiu pushed a commit to branch HDDS-9225-website-v2
in repository https://gitbox.apache.org/repos/asf/ozone-site.git
The following commit(s) were added to refs/heads/HDDS-9225-website-v2 by this
push:
new 60bf923cc HDDS-14274. [Website v2] [Docs] [Administrator Guide]
Configuring Audit Logs (#175)
60bf923cc is described below
commit 60bf923cc78388ce0f764145f60fca2e838300c3
Author: KUAN-HAO HUANG <[email protected]>
AuthorDate: Wed Dec 31 02:46:38 2025 +0800
HDDS-14274. [Website v2] [Docs] [Administrator Guide] Configuring Audit
Logs (#175)
---
.../02-configuration/02-logging/02-audit-logs.md | 50 +++++++++++++++++++---
1 file changed, 44 insertions(+), 6 deletions(-)
diff --git
a/docs/05-administrator-guide/02-configuration/02-logging/02-audit-logs.md
b/docs/05-administrator-guide/02-configuration/02-logging/02-audit-logs.md
index 8f08839ab..617e2a26f 100644
--- a/docs/05-administrator-guide/02-configuration/02-logging/02-audit-logs.md
+++ b/docs/05-administrator-guide/02-configuration/02-logging/02-audit-logs.md
@@ -4,12 +4,50 @@ sidebar_label: Audit Logs
# Configuring Audit Logs
-Document Ozone's use of log4j for audit logging, including:
+Audit logs record security-sensitive operations, providing a trail of actions
performed on the cluster. The following services produce audit logs:
-- Default configuration
-- Examples of common configurations
-- Where Ozone looks for log4j configuration files.
+- Ozone Manager
-Link to existing Log4j docs as necessary.
+- Storage Container Manager
-**TODO:** File a subtask under
[HDDS-9859](https://issues.apache.org/jira/browse/HDDS-9859) and complete this
page or section.
+- Datanode
+
+- S3 Gateway
+
+Audit log configurations are set in `*-audit-log4j2.properties` files. You can
change the corresponding files to update the audit log policies for each
component.
+
+## Sample Audit Log Entry
+
+Here is an example of an audit log entry from the Ozone Manager:
+
+```text
+INFO | OMAudit | ? | user=hdfs | ip=127.0.0.1 | op=CREATE_VOLUME |
params={volume=vol1, admin=hdfs, owner=hdfs} | result=SUCCESS
+```
+
+This entry shows that the user `hdfs` successfully created a volume named
`vol1`.
+
+## Deletion of Audit Logs
+
+The default log appender is a rolling appender. The following configurations
can be added for the deletion of out-of-date AuditLogs.
+
+```properties
+appender.rolling.strategy.type=DefaultRolloverStrategy
+
+appender.rolling.strategy.max=3000
+
+appender.rolling.strategy.delete.type=Delete
+
+appender.rolling.strategy.delete.basePath=${sys:hadoop.log.dir}
+
+appender.rolling.strategy.delete.maxDepth=1
+
+appender.rolling.strategy.delete.ifFileName.type=IfFileName
+
+appender.rolling.strategy.delete.ifFileName.glob=om-audit-*.log.gz
+
+appender.rolling.strategy.delete.ifLastModified.type=IfLastModified
+
+appender.rolling.strategy.delete.ifLastModified.age=30d
+```
+
+For more details, please check [Log4j2 Delete on
Rollover](https://logging.apache.org/log4j/2.x/manual/appenders.html#CustomDeleteOnRollover).
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
