[
https://issues.apache.org/jira/browse/KNOX-23?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13881214#comment-13881214
]
Kevin Minder commented on KNOX-23:
----------------------------------
I'd like to see if we could be more explicit for authentication failures.
Currently the following audit records are written for 3) Request to HBase with
incorrect password
14/01/24 09:22:05
||90b820a9-2b73-494a-9afb-66f60cd55678|audit|WEBHBASE||||access|uri|/gateway/sandbox/hbase|unavailable|
14/01/24 09:22:05
||90b820a9-2b73-494a-9afb-66f60cd55678|audit|WEBHBASE||||access|uri|/gateway/sandbox/hbase|success|Response
status: 401
I'd like to see if something more like the authorization records could be
written as well.
14/01/24 09:22:21
||a2e2c933-3192-466a-a688-fd81ec18534c|audit|WEBHDFS|guest|hdfs||authorization|uri|/gateway/sandbox/webhdfs/v1/user/?op=LISTSTATUS|failure|
> Generate audit log of all gateway activity
> ------------------------------------------
>
> Key: KNOX-23
> URL: https://issues.apache.org/jira/browse/KNOX-23
> Project: Apache Knox
> Issue Type: New Feature
> Components: Server
> Affects Versions: 0.2.0
> Reporter: Kevin Minder
> Assignee: Vladimir Tkhir
> Fix For: 0.4.0
>
> Attachments: KNOX-23.patch, gateway-audit.log
>
>
> From BUG-4302
> All interactions that pass through the gateway should be recorded in a
> separate audit log. This should include the IP and principal of the caller
> and potentially some service specific information (e.g. HDFS file name)
--
This message was sent by Atlassian JIRA
(v6.1.5#6160)
