----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/73581/ -----------------------------------------------------------
Review request for ranger. Repository: ranger Description ------- Several improvements are needed to make the Elasticsearch audit log provider viable: 1. Configuration and setup scripts need to support settings for the port, scheme, and index 2. Audit log search logic can remove the "fetch" call after the "searchResources" call to Elasticsearch 3. xasecure.audit.elasticsearch.is.enabled should be supported to enable this provider 4. AuditProviderFactory.java needs logic changes to allow enabling the provider Diffs ----- agents-audit/src/main/java/org/apache/ranger/audit/provider/AuditProviderFactory.java 7a3c7f61d hbase-agent/conf/ranger-hbase-audit-changes.cfg 26bd2fab9 hdfs-agent/conf/ranger-hdfs-audit-changes.cfg 9e099e6d0 hive-agent/conf/ranger-hive-audit-changes.cfg c396d5d55 knox-agent/conf/ranger-knox-audit-changes.cfg c396d5d55 migration-util/ambari2.1-hdp2.3-ranger0.50/bin/import_ranger_to_ambari.py 195a116dd plugin-atlas/conf/ranger-atlas-audit-changes.cfg 39d1d109a plugin-elasticsearch/conf/ranger-elasticsearch-audit-changes.cfg c396d5d55 plugin-kafka/conf/ranger-kafka-audit-changes.cfg dfd27f37c plugin-kms/conf/ranger-kms-audit-changes.cfg 8d5ca3433 plugin-kylin/conf/ranger-kylin-audit-changes.cfg c396d5d55 plugin-ozone/conf/ranger-ozone-audit-changes.cfg 8cd5e39c8 plugin-presto/conf/ranger-presto-audit-changes.cfg dfd27f37c plugin-solr/conf/ranger-solr-audit-changes.cfg d4588ffc1 plugin-sqoop/conf/ranger-sqoop-audit-changes.cfg c396d5d55 plugin-yarn/conf/ranger-yarn-audit-changes.cfg c396d5d55 security-admin/contrib/elasticsearch_for_audit_setup/conf/ranger_es_schema.json 801667bce security-admin/scripts/ranger-admin-site-template.xml 72ff66eaf security-admin/scripts/setup.sh c3f51a03a security-admin/src/main/java/org/apache/ranger/elasticsearch/ElasticSearchAccessAuditsService.java 0b2e7df7f security-admin/src/main/java/org/apache/ranger/elasticsearch/ElasticSearchUtil.java 9bee640a5 security-admin/src/main/resources/conf.dist/ranger-admin-site.xml d32a324ec security-admin/src/test/java/org/apache/ranger/elasticsearch/ElasticSearchAccessAuditsServiceTest.java cebe5f54e storm-agent/conf/ranger-storm-audit-changes.cfg c396d5d55 Diff: https://reviews.apache.org/r/73581/diff/1/ Testing ------- Integration testing in a multi-user lab environment using AWS-based Elasticsearch for audit log, Ranger admin, and Hive clients. Tested installation process, new audit log records being reported by client, and audit log searches via the admin UI. Thanks, Andrew Charneski
