Madhan Neethiraj created RANGER-5645:
----------------------------------------
Summary: docker setup: update audit-ingestor configuration to
allow service users
Key: RANGER-5645
URL: https://issues.apache.org/jira/browse/RANGER-5645
Project: Ranger
Issue Type: Bug
Components: audit
Reporter: Madhan Neethiraj
Kafka plugin fails in sending audit logs to audit server with the following
error:
{noformat}
[2026-06-13 15:03:47,603] ERROR Failed to send audit batch. HTTP status: 403,
Response: {"message":"User is not authorized to send audit
events","status":"error","timestamp":1781363027601}
(org.apache.ranger.audit.destination.RangerAuditServerDestination)
{noformat}
Ranger audit ingestor service configuration should be updated to authorize
Kafka service user (kafka) send audit logs for dev_kafka service.
{noformat}
ranger.audit.ingestor.service.dev_kafka.allowed.users=kafka
{noformat}
Review and update configuration for other services included in docker setup as
well:
* dev_hbase
* dev_hdfs
* dev_hive
* dev_kafka
* dev_kms
* dev_knox
* dev_ozone
* dev_solr
* dev_trino
* dev_yarn
Also, there are 2 copies of {{ranger-audit-ingestor-site.xml}} under
{{/opt/ranger/audit-ingestor}} directory:
{noformat}
$ find /opt/ -name ranger-audit-ingestor-site.xml
/opt/ranger/audit-ingestor/conf/ranger-audit-ingestor-site.xml
/opt/ranger/audit-ingestor/webapp/audit-ingestor/WEB-INF/classes/conf/ranger-audit-ingestor-site.xml
{noformat}
One under /opt/ranger/audit-ingestor/conf/ seems to be unused; this needs to be
reviewed and removed.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
