----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/72701/#review221347 -----------------------------------------------------------
Ship it! Ship It! - bhavik patel On July 22, 2020, 11:13 a.m., Pradeep Agrawal wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/72701/ > ----------------------------------------------------------- > > (Updated July 22, 2020, 11:13 a.m.) > > > Review request for ranger. > > > Bugs: RANGER-2917 > https://issues.apache.org/jira/browse/RANGER-2917 > > > Repository: ranger > > > Description > ------- > > **Problem Statement:** When Elasticsearch Plugin in enabled in the index > "ranger_audits" ( ranger's audit log index), there will be recursive audit > log getting generated for audits logs that are getting in this collection. > > > **Proposed Solution:** [Solution is inspired from RANGER-2564 which has > similar implementation for solr] > > 1) Avoid recursive audit log done by service user "elasticsearch" in the > ranger_audit index. > > 2) Introduce a optional configuration parameter to add service users to > exclude from audit log for "ranger_audit" index. This is in case if customer > users are used as service user in Elasticsearch process. > > > Diffs > ----- > > > plugin-elasticsearch/src/main/java/org/apache/ranger/authorization/elasticsearch/authorizer/RangerElasticsearchAuditHandler.java > PRE-CREATION > > plugin-elasticsearch/src/main/java/org/apache/ranger/authorization/elasticsearch/authorizer/RangerElasticsearchAuthorizer.java > e72a15858 > > > Diff: https://reviews.apache.org/r/72701/diff/1/ > > > Testing > ------- > > Testing done enabling the Elastic search Plugin in ranger_audits index. > > > Thanks, > > Pradeep Agrawal > >
