[
https://issues.apache.org/jira/browse/RANGER-3260?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Abhishek Shukla updated RANGER-3260:
------------------------------------
Description:
Can we update the default hdfs audit filters as follows:
This will filter out hdfs audits related to hdfs, hue, oozie, spark, mapred,
hbase service users access audits.
{code:java}
[
{
"accessResult":"DENIED",
"isAudited":true
},
{
"actions":[
"delete",
"rename"
],
"isAudited":true
},
{
"users":[
"hdfs"
],
"actions":[
"listStatus",
"getfileinfo",
"listCachePools",
"listCacheDirectives",
"listCorruptFileBlocks",
"monitorHealth",
"rollEditLog",
"open"
],
"isAudited":false
},
{
"users":[
"oozie"
],
"resources":{
"path":{
"values":[
"/user/oozie/share/lib"
],
"isRecursive":true
}
},
"isAudited":false
},
{
"users":[
"spark"
],
"resources":{
"path":{
"values":[
"/user/spark/applicationHistory"
],
"isRecursive":true
}
},
"isAudited":false
},
{
"users":[
"hue"
],
"resources":{
"path":{
"values":[
"/user/hue"
],
"isRecursive":true
}
},
"isAudited":false
},
{
"users":[
"hbase"
],
"resources":{
"path":{
"values":[
"/hbase"
],
"isRecursive":true
}
},
"isAudited":false
},
{
"users":[
"mapred"
],
"resources":{
"path":{
"values":[
"/user/history"
],
"isRecursive":true
}
},
"isAudited":false
},
{
"actions":[
"getfileinfo"
],
"isAudited":false
}
]
{code}
[~dineshkumar-yadav]
was:
Can we update the default hdfs audit filters as follows:
This will filter out hdfs audits related to hdfs, hue, oozie, spark, mapred,
hbase service users access audits.
{code:java}
[
{
"accessResult":"DENIED",
"isAudited":true
},
{
"actions":[
"delete",
"rename"
],
"isAudited":true
},
{
"users":[
"hdfs"
],
"actions":[
"listStatus",
"getfileinfo",
"listCachePools",
"listCacheDirectives",
"listCorruptFileBlocks",
"monitorHealth",
"rollEditLog",
"open"
],
"isAudited":false
},
{
"users":[
"oozie"
],
"resources":{
"path":{
"values":[
"/user/oozie/share/lib"
],
"isRecursive":true
}
},
"isAudited":false
},
{
"users":[
"spark"
],
"resources":{
"path":{
"values":[
"/user/spark/applicationHistory"
],
"isRecursive":true
}
},
"isAudited":false
},
{
"users":[
"hue"
],
"resources":{
"path":{
"values":[
"/user/hue"
],
"isRecursive":true
}
},
"isAudited":false
},
{
"users":[
"hbase"
],
"resources":{
"path":{
"values":[
"/hbase"
],
"isRecursive":true
}
},
"isAudited":false
},
{
"users":[
"mapred"
],
"resources":{
"path":{
"values":[
"/user/history"
],
"isRecursive":true
}
},
"isAudited":false
},
{
"actions":[
"getfileinfo"
],
"isAudited":false
}
]
{code}
> Update default hdfs audit filters to filter out unwanted audits
> ---------------------------------------------------------------
>
> Key: RANGER-3260
> URL: https://issues.apache.org/jira/browse/RANGER-3260
> Project: Ranger
> Issue Type: Bug
> Components: Ranger
> Affects Versions: 2.2.0
> Reporter: Abhishek Shukla
> Priority: Major
>
> Can we update the default hdfs audit filters as follows:
> This will filter out hdfs audits related to hdfs, hue, oozie, spark, mapred,
> hbase service users access audits.
> {code:java}
> [
> {
> "accessResult":"DENIED",
> "isAudited":true
> },
> {
> "actions":[
> "delete",
> "rename"
> ],
> "isAudited":true
> },
> {
> "users":[
> "hdfs"
> ],
> "actions":[
> "listStatus",
> "getfileinfo",
> "listCachePools",
> "listCacheDirectives",
> "listCorruptFileBlocks",
> "monitorHealth",
> "rollEditLog",
> "open"
> ],
> "isAudited":false
> },
> {
> "users":[
> "oozie"
> ],
> "resources":{
> "path":{
> "values":[
> "/user/oozie/share/lib"
> ],
> "isRecursive":true
> }
> },
> "isAudited":false
> },
> {
> "users":[
> "spark"
> ],
> "resources":{
> "path":{
> "values":[
> "/user/spark/applicationHistory"
> ],
> "isRecursive":true
> }
> },
> "isAudited":false
> },
> {
> "users":[
> "hue"
> ],
> "resources":{
> "path":{
> "values":[
> "/user/hue"
> ],
> "isRecursive":true
> }
> },
> "isAudited":false
> },
> {
> "users":[
> "hbase"
> ],
> "resources":{
> "path":{
> "values":[
> "/hbase"
> ],
> "isRecursive":true
> }
> },
> "isAudited":false
> },
> {
> "users":[
> "mapred"
> ],
> "resources":{
> "path":{
> "values":[
> "/user/history"
> ],
> "isRecursive":true
> }
> },
> "isAudited":false
> },
> {
> "actions":[
> "getfileinfo"
> ],
> "isAudited":false
> }
> ]
> {code}
> [~dineshkumar-yadav]
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
