steveloughran commented on a change in pull request #3916:
URL: https://github.com/apache/hadoop/pull/3916#discussion_r790605728
##########
File path:
hadoop-tools/hadoop-aws/src/site/markdown/tools/hadoop-aws/auditing.md
##########
@@ -63,27 +75,43 @@ ideally even identifying the process/job generating load.
## Using Auditing
-The Logging Auditor is enabled by default; it annotates the S3 logs.
+Auditing is disabled by default.
+When auditing enabled, a Logging Auditor will annotate the S3 logs through a
custom
+HTTP Referrer header in requests made to S3.
+Other auditor classes may be used instead.
### Auditor Options
| Option | Meaning | Default Value |
|--------|---------|---------------|
+| `fs.s3a.audit.enabled` | Is auditing enabled | `false` |
| `fs.s3a.audit.service.classname` | Auditor classname |
`org.apache.hadoop.fs.s3a.audit.impl.LoggingAuditor` |
| `fs.s3a.audit.request.handlers` | List of extra subclasses of AWS SDK
RequestHandler2 to include in handler chain | `""` |
| `fs.s3a.audit.referrer.enabled` | Logging auditor to publish the audit
information in the HTTP Referrer header | `true` |
| `fs.s3a.audit.referrer.filter` | List of audit fields to filter | `""` |
| `fs.s3a.audit.reject.out.of.span.operations` | Auditor to reject operations
"outside of a span" | `false` |
-### Disabling Auditing with the No-op Auditor
+### Disabling Auditing.
Review comment:
adding to the architecture as an FYI point
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
