Thanks for starting this discussion. I also prefer to enable READ audit. In my experience data security is very important.
Janus Chow <yiyang0...@gmail.com> 于2022年4月4日周一 10:59写道: > Hi Ozone dev, > > When checking the audit logs from Ozone components, we found that by > default Ozone only logs WRITE operations. In order to enable the audit log > for READ operations, we need to change the configurations in > audit-log4j2.properties. > That brings some confusion for users when comparing it to some other > storage systems, like HDFS, in which audit logs are enabled for both READ > and WRITE by default. > > We have a Jira ticket(https://issues.apache.org/jira/browse/HDDS-6532) and > PR (https://github.com/apache/ozone/pull/3255) about adding audit logs for > READ operations by default. > Could you help to check and comment if there are any specific concerns > not to enable READ audit logs? > > Yiyang > Thank you very much. >
