[
https://issues.apache.org/jira/browse/HADOOP-10756?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14073490#comment-14073490
]
Arun Suresh commented on HADOOP-10756:
--------------------------------------
Yup.. makes sense..
bq. On expiry/unauthorized, if accessCount is greater than 0, flush to log, set
accessCount to 0, set entry in cache again.
So this would imply that for the first time window, there would be a log entry
for the first access and when the window expires.. if the access spans multiple
windows, for all subsequent windows we only log the access-count when the
window expires.. rite ?
bq. on flushing we should make sure we set the event time to the flushing time.
We could also log the time interval of the aggregated count
I was thinking, for the first access, we don't need to specify any timestamp
(since the timestamp for the log entry should already exist), and at expiry, we
give the access count and time window interval
> KMS audit log should consolidate successful similar requests
> ------------------------------------------------------------
>
> Key: HADOOP-10756
> URL: https://issues.apache.org/jira/browse/HADOOP-10756
> Project: Hadoop Common
> Issue Type: Bug
> Components: security
> Affects Versions: 3.0.0
> Reporter: Alejandro Abdelnur
> Assignee: Arun Suresh
> Attachments: HADOOP-10756.1.patch, HADOOP-10756.2.patch,
> HADOOP-10756.3.patch, HADOOP-10756.4.patch, HADOOP-10756.5.patch
>
>
> Every rejected access should be audited, but successful accesses should be
> consolidated within a given amount of time if the request is from the same
> user for he same key.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
