[
https://issues.apache.org/jira/browse/RANGER-858?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Madhan Neethiraj resolved RANGER-858.
-------------------------------------
Resolution: Not A Bug
[~Jordan] If audit is set to 'yes' in any one policy applicable for resource,
Ranger generates audit logs. This is by design.
> Audit is generated when "Audit logging=no"
> ------------------------------------------
>
> Key: RANGER-858
> URL: https://issues.apache.org/jira/browse/RANGER-858
> Project: Ranger
> Issue Type: Bug
> Components: audit
> Affects Versions: 0.5.0
> Environment: HDP 2.3.4
> Reporter: Raúl Jordán
>
> We have a Ranger HDFS policy with some overlapping rules like these:
> (Id=1) (Resouce=/tmp) (recursive) (Audit logging=yes)
> (Id=2) (Resource=/tmp/hive/ambari-qa/*) (Audit logging=no)
> Ranger plugin is generating entries from policy id=2 in audit log. They
> should not be generated because audit logging is set to no for policy id=2.
> If I turn audit logging to no in policy id=1 the problem doesn't ocurr. I
> also tried to change the order of the two policies but it doesn't change the
> behavior.
> It seems that the audit logging variable is set to yes from the first generic
> rule and it's not reset to the value of the more specific rule.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
