[
https://issues.apache.org/jira/browse/RANGER-3257?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Abhishek Shukla updated RANGER-3257:
------------------------------------
Description:
Can we update the default Kafka audit filters as follows:
This will filter out Kafka audits related to ATLAS_SPARK_HOOK, topic describe
action, etc
{code:java}
[
{
"accessResult":"DENIED",
"isAudited":true
},
{
"resources":{
"topic":{
"values":[
"ATLAS_ENTITIES",
"ATLAS_HOOK",
"ATLAS_SPARK_HOOK"
]
}
},
"users":[
"atlas"
],
"actions":[
"describe",
"publish",
"consume"
],
"isAudited":false
},
{
"resources":{
"topic":{
"values":[
"ATLAS_HOOK"
]
}
},
"users":[
"hive",
"hbase",
"impala",
"nifi"
],
"actions":[
"publish",
"describe"
],
"isAudited":false
},
{
"resources":{
"topic":{
"values":[
"ATLAS_ENTITIES"
]
}
},
"users":[
"rangertagsync"
],
"actions":[
"consume",
"describe"
],
"isAudited":false
},
{
"resources":{
"consumergroup":{
"values":[
"*"
]
}
},
"users":[
"atlas",
"rangertagsync"
],
"actions":[
"consume"
],
"isAudited":false
},
{
"users":[
"kafka_service_user_name"
],
"isAudited":false
}
]
{code}
cc [~dineshkumar-yadav]
was:
Can we update the default Kafka audit filters as follows:
This will filter out Kafka audits related to ATLAS_SPARK_HOOK, topic describe
action, etc
{code:java}
[
{
"accessResult":"DENIED",
"isAudited":true
},
{
"resources":{
"topic":{
"values":[
"ATLAS_ENTITIES",
"ATLAS_HOOK",
"ATLAS_SPARK_HOOK"
]
}
},
"users":[
"atlas"
],
"actions":[
"describe",
"publish",
"consume"
],
"isAudited":false
},
{
"resources":{
"topic":{
"values":[
"ATLAS_HOOK"
]
}
},
"users":[
"hive",
"hbase",
"impala",
"nifi"
],
"actions":[
"publish",
"describe"
],
"isAudited":false
},
{
"resources":{
"topic":{
"values":[
"ATLAS_ENTITIES"
]
}
},
"users":[
"rangertagsync"
],
"actions":[
"consume",
"describe"
],
"isAudited":false
},
{
"resources":{
"consumergroup":{
"values":[
"*"
]
}
},
"users":[
"atlas",
"rangertagsync"
],
"actions":[
"consume"
],
"isAudited":false
},
{
"users":[
"kafka_service_user_name"
],
"isAudited":false
}
]
{code}
> Update default kafka audit filters to filter out unwanted audits
> ----------------------------------------------------------------
>
> Key: RANGER-3257
> URL: https://issues.apache.org/jira/browse/RANGER-3257
> Project: Ranger
> Issue Type: Improvement
> Components: audit
> Affects Versions: 2.2.0
> Reporter: Abhishek Shukla
> Priority: Major
>
> Can we update the default Kafka audit filters as follows:
> This will filter out Kafka audits related to ATLAS_SPARK_HOOK, topic describe
> action, etc
> {code:java}
> [
> {
> "accessResult":"DENIED",
> "isAudited":true
> },
> {
> "resources":{
> "topic":{
> "values":[
> "ATLAS_ENTITIES",
> "ATLAS_HOOK",
> "ATLAS_SPARK_HOOK"
> ]
> }
> },
> "users":[
> "atlas"
> ],
> "actions":[
> "describe",
> "publish",
> "consume"
> ],
> "isAudited":false
> },
> {
> "resources":{
> "topic":{
> "values":[
> "ATLAS_HOOK"
> ]
> }
> },
> "users":[
> "hive",
> "hbase",
> "impala",
> "nifi"
> ],
> "actions":[
> "publish",
> "describe"
> ],
> "isAudited":false
> },
> {
> "resources":{
> "topic":{
> "values":[
> "ATLAS_ENTITIES"
> ]
> }
> },
> "users":[
> "rangertagsync"
> ],
> "actions":[
> "consume",
> "describe"
> ],
> "isAudited":false
> },
> {
> "resources":{
> "consumergroup":{
> "values":[
> "*"
> ]
> }
> },
> "users":[
> "atlas",
> "rangertagsync"
> ],
> "actions":[
> "consume"
> ],
> "isAudited":false
> },
> {
> "users":[
> "kafka_service_user_name"
> ],
> "isAudited":false
> }
> ]
> {code}
> cc [~dineshkumar-yadav]
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
