[
https://issues.apache.org/jira/browse/RANGER-5645?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Ramachandran Krishnan reassigned RANGER-5645:
---------------------------------------------
Assignee: Ramachandran Krishnan
> docker setup: update audit-ingestor configuration to allow service users
> ------------------------------------------------------------------------
>
> Key: RANGER-5645
> URL: https://issues.apache.org/jira/browse/RANGER-5645
> Project: Ranger
> Issue Type: Bug
> Components: audit
> Reporter: Madhan Neethiraj
> Assignee: Ramachandran Krishnan
> Priority: Major
>
> Kafka plugin fails in sending audit logs to audit server with the following
> error:
> {noformat}
> [2026-06-13 15:03:47,603] ERROR Failed to send audit batch. HTTP status: 403,
> Response: {"message":"User is not authorized to send audit
> events","status":"error","timestamp":1781363027601}
> (org.apache.ranger.audit.destination.RangerAuditServerDestination)
> {noformat}
>
> Ranger audit ingestor service configuration should be updated to authorize
> Kafka service user (kafka) send audit logs for dev_kafka service.
> {noformat}
> ranger.audit.ingestor.service.dev_kafka.allowed.users=kafka
> {noformat}
>
> Review and update configuration for other services included in docker setup
> as well:
> * dev_hbase
> * dev_hdfs
> * dev_hive
> * dev_kafka
> * dev_kms
> * dev_knox
> * dev_ozone
> * dev_solr
> * dev_trino
> * dev_yarn
>
> Also, there are 2 copies of {{ranger-audit-ingestor-site.xml}} under
> {{/opt/ranger/audit-ingestor}} directory:
> {noformat}
> $ find /opt/ -name ranger-audit-ingestor-site.xml
> /opt/ranger/audit-ingestor/conf/ranger-audit-ingestor-site.xml
> /opt/ranger/audit-ingestor/webapp/audit-ingestor/WEB-INF/classes/conf/ranger-audit-ingestor-site.xml
> {noformat}
> One under /opt/ranger/audit-ingestor/conf/ seems to be unused; this needs to
> be reviewed and removed.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
